ARMBot Unrestricted File Upload Vulnerability in upload.php Allowing Remote Code Execution

Vulnerability

A vulnerability in ARMBot's upload.php file allows unauthenticated attackers to upload arbitrary files. This unrestricted file upload issue arises from the ability to manipulate the file parameter using path traversal sequences. Attackers can exploit this to upload PHP files into the web root directory, where the uploaded files can be executed, leading to remote code execution.

Impact

Exploitation of this vulnerability allows for arbitrary file uploads, with the potential for uploaded PHP files to be executed on the server, resulting in remote code execution.

Reproduction

To reproduce this vulnerability, send a POST request to the upload.php endpoint with a crafted file parameter that includes path traversal sequences. The traversal payload should be designed to navigate to the public_html directory and upload a PHP file, such as '.s.phtml', which can then be accessed and executed via the web server.
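A server-side check that rejects this class of file parameter, as an added defensive example; it is not ARMBot's code and not from the original advisory. The function names, UPLOAD_DIR and ALLOWED_EXT are hypothetical, and the storage directory is assumed to sit outside the web root.

```php
<?php
declare(strict_types=1);

// Added example, not ARMBot code. Directory and allowlist are assumed values.
const UPLOAD_DIR  = '/srv/app/uploads';   // assumption: outside the web root
const ALLOWED_EXT = ['png', 'jpg', 'jpeg', 'gif', 'txt'];

/** Return the lowercase extension if the client-supplied name is acceptable, else null. */
function validated_extension(string $clientName): ?string
{
    // One stem, one dot, one extension: no separators, no "..", no leading dot,
    // no double extensions, no NUL bytes.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,8})\z/', $clientName, $m)) {
        return null;
    }
    $ext = strtolower($m[1]);
    return in_array($ext, ALLOWED_EXT, true) ? $ext : null;
}

/** Store one entry of $_FILES under a server-chosen name; return the stored path or null. */
function store_upload(array $file, string $baseDir = UPLOAD_DIR): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    $ext  = validated_extension((string)($file['name'] ?? ''));
    $base = realpath($baseDir);
    if ($ext === null || $base === false) {
        return null;
    }
    // The client never controls the path: the stored name is random.
    $dest = $base . DIRECTORY_SEPARATOR . bin2hex(random_bytes(16)) . '.' . $ext;
    // move_uploaded_file() refuses sources that did not arrive as an HTTP POST upload.
    return move_uploaded_file($file['tmp_name'], $dest) ? $dest : null;
}

// Constructed sample names, including the dotfile name from the reproduction text.
foreach (['photo.png', '.s.phtml', '../public_html/.s.phtml', 'a.php.jpg', 'shell.phtml'] as $name) {
    printf("%-28s %s\n", $name, validated_extension($name) === null ? 'rejected' : 'accepted');
}
```

Because the advisory describes the endpoint as reachable without authentication, a handler like this belongs behind an authentication check, and the upload directory should have PHP execution disabled in the web server configuration.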

Added: Mar 11, 2026, 7:34 PM
Updated: Mar 11, 2026, 7:34 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 8.7
remediation: 0.0
relevance: 3.8
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.