CVE-2023-39147
Description
An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- Uvdesk/Uvdesk
Patches
Vulnerability mechanics
Root cause
"The application allows unvalidated file uploads to be saved with a user-controlled filename and extension, which can be used to upload executable code."
Attack vector
An authenticated attacker can exploit this vulnerability by uploading a crafted PHP file disguised as a JPG image to the knowledgebase folder. The application saves the uploaded file with the name and extension provided in the upload request. After uploading, the attacker can access the uploaded file via a direct URL and execute arbitrary commands by passing them as a GET parameter to the script [ref_id=1].
Affected code
The vulnerability lies within the file upload functionality, specifically when handling the `solutionImage` parameter during the creation of knowledgebase folders. The script does not properly sanitize the uploaded file's name or content, allowing for arbitrary file uploads [ref_id=1].
What the fix does
No fix commit is linked for this CVE, so no specific code changes can be shown; advisories for this class of flaw typically recommend validating uploaded file types and extensions on the server and never reusing the client-supplied filename, so that uploaded scripts cannot be stored or executed. The vendor has not released a patch for this vulnerability, and users are advised to upgrade to a secure version once one is available.
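The following hardened handler for an image upload field such as `solutionImage` is added here as an example of the mitigation just described; it is not Uvdesk's own code, and the function name, the allowlist and the 2 MB size limit are assumptions:

```php
<?php
// Added example, not Uvdesk's own code: server-side handling for an image upload
// such as the knowledgebase solutionImage field. The flaw described above trusts the
// client-supplied filename and extension; here neither is ever used.
declare(strict_types=1);
// Allowlist maps sniffed MIME type to the only extension the server will write.
const ALLOWED_IMAGE_TYPES = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/**
 * Validate one entry of $_FILES and store it under a server-generated name.
 * Returns the stored name or throws. $uploadDir is assumed to be served with
 * script execution disabled (or kept outside the web root entirely).
 */
function storeSolutionImage(array $file, string $uploadDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed');
    }
    if (!is_uploaded_file($file['tmp_name']) || $file['size'] > 2 * 1024 * 1024) {
        throw new RuntimeException('Rejected upload');
    }
    // Sniff the type from the bytes; $file['type'] and $file['name'] are
    // attacker-controlled and are deliberately ignored.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!isset(ALLOWED_IMAGE_TYPES[$mime])) {
        throw new RuntimeException('Unsupported file type: ' . $mime);
    }
    // The file must also decode as an image of that same type. Note this does
    // not stop a valid image with script bytes appended, which is why the
    // server-chosen extension and the no-execute directory are what actually
    // prevent code execution.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || $info['mime'] !== $mime) {
        throw new RuntimeException('File is not a valid image');
    }
    // Random name plus allowlisted extension: no path or extension from the client.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_IMAGE_TYPES[$mime];
    $dest = rtrim($uploadDir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644); // readable, never executable
    return $name;
}
```

Pair this with web server configuration that refuses to execute anything under the upload directory (for example, `php_admin_flag engine off` for that directory under Apache mod_php), so a stored file is only ever served as static content.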
Preconditions
- The attacker must be authenticated to the application.
Reproduction
python3 CVE-2023-39147.py -u "http://$ip:8000/" -c "whoami" [ref_id=1]
Generated on Jun 4, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
News mentions
No linked articles in our index yet.