Mend Vulnerability Database
Date: October 20, 2021
Overview
In Camaleon CMS, versions 2.0.1 to 2.6.0 are vulnerable to an Uncaught Exception. The app's media upload feature crashes permanently when an attacker with low-privileged access uploads a specially crafted .svg file.
Details
Camaleon CMS's Media upload feature crashes permanently when an attacker with low-privileged access uploads a crafted .svg file.
PoC Details
In a private window, create a sample account. Go to Profile, then Change Photo, and upload a crafted SVG file with contents such as the following:
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> </svg>
Now, in a normal window, log in as an administrator user and go to the Media tab on the right. A crash occurs which is permanent: no user can upload any image or change their picture any more.
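As an added defender-side example (not code from Camaleon CMS or from this advisory), the Ruby below shows two mitigations for the failure mode described above: validating an uploaded SVG before it is accepted, and isolating per-file processing so that one bad file cannot take a whole media listing down. The width/height-or-viewBox requirement and the `process` callable are assumptions for illustration, not the project's own checks.

```ruby
require "rexml/document"

# Constructed sample: the empty SVG from the PoC above (no size, no content).
POC_SVG = '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> </svg>'
# Constructed sample: a minimal well-formed SVG with explicit dimensions.
OK_SVG = '<svg xmlns="http://www.w3.org/2000/svg" width="64" height="64"><rect width="64" height="64"/></svg>'

SVG_NS = "http://www.w3.org/2000/svg"

# Returns nil when the SVG is acceptable, otherwise a string giving the reason
# for rejection. Requiring width/height or a viewBox is an assumed hardening
# rule for an image pipeline, not the project's own validation.
def svg_rejection_reason(data)
  root = REXML::Document.new(data).root
  return "no root element" if root.nil?
  return "root is not <svg>" unless root.name == "svg" && root.namespace == SVG_NS
  has_size = root.attributes["width"] && root.attributes["height"]
  return "missing width/height or viewBox" unless has_size || root.attributes["viewBox"]
  nil
rescue REXML::ParseException => e
  # REXML raises ParseException on malformed XML; surface the first line only.
  "malformed XML: #{e.message.lines.first.strip}"
end

# Renders a media listing resiliently: `process` (an assumed stand-in for the
# CMS's per-file image handling) may raise on one file, but the exception is
# contained to that entry instead of crashing the whole listing.
def render_media_listing(files, process)
  files.map do |name, data|
    begin
      { name: name, status: "ok", info: process.call(data) }
    rescue StandardError => e
      { name: name, status: "error", info: e.class.name }
    end
  end
end

# Constructed processor: rejects anything svg_rejection_reason complains about.
STRICT_PROCESSOR = lambda do |data|
  reason = svg_rejection_reason(data)
  raise ArgumentError, reason if reason
  "validated"
end

if __FILE__ == $PROGRAM_NAME
  listing = render_media_listing({ "avatar.svg" => POC_SVG, "logo.svg" => OK_SVG }, STRICT_PROCESSOR)
  listing.each { |entry| puts "#{entry[:name]}: #{entry[:status]} (#{entry[:info]})" }
end
```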
Affected Environments
Camaleon CMS versions 2.0.1 to 2.6.0
Prevention
Update to camaleon_cms version 188.8.131.52
Good to know:
| Metric | Value |
|---|---|
| Attack Vector (AV) | Network |
| Attack Complexity (AC) | Low |
| Privileges Required (PR) | Low |
| User Interaction (UI) | None |
| Access Vector (AV) | Network |
| Access Complexity (AC) | Low |