Unrated severityNVD Advisory· Published Sep 21, 2023· Updated Sep 24, 2024

Remote Code Execution in Eclipse RAP on Windows

CVE-2023-4760

Description

In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component.

The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method. As soon as this finds a / in the path, everything before it is removed, but potentially \ (backslashes) coming further back are kept.

For example, a file name such as /..\..\webapps\shell.war can be used to upload a file to a Tomcat server under Windows, which is then saved as ..\..\webapps\shell.war in its webapps directory and can then be executed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Eclipse/RAPllm-create
Range: >=3.0.0 <=3.25.0
Eclipse Foundation/Eclipse RAPv5
Range: 3.0.0

Patches

Vulnerability mechanics

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000