CIPPlanner CIPAce Unrestricted File Upload Vulnerability in Rich Text Editor and Document Management Components

Vulnerability

A vulnerability allowing unrestricted upload of executable files has been identified in the rich text editor and document management components of CIPPlanner CIPAce, prior to version 9.17. This issue allows authorized users to upload dangerous files under the guise of image uploads. If these executable files are stored in a directory with execution permissions or in the application directory, they can be executed.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of uploaded executable files, potentially allowing for malicious actions to be performed on the server or within the application.

Remediation

CIPPlanner has developed and distributed patches to address this vulnerability. The resolution involves implementing a whitelist of allowed file types for upload, which can be adjusted according to specific needs while maintaining safety. Customers can upgrade to CIPAce version 10.0 or later, or apply the provided patch if they are not yet on version 10.0.
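The allowlist approach described above, sketched as an added example; this is not CIPPlanner's patch code. The function name, the allowlist contents, the rejection of names with more than one extension, and the sample uploads are all assumptions constructed for illustration.

```python
import os

# Assumed allowlist: extension -> accepted leading byte signatures.
# Adjust per deployment; anything not listed is rejected.
ALLOWED_IMAGE_TYPES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}


def validate_image_upload(filename, content, allowed=ALLOWED_IMAGE_TYPES):
    """Return (accepted, reason) for an upload claimed to be an image."""
    # Drop any client-supplied path; clients may send / or \ separators.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Null bytes, trailing dots and spaces can change the name stored on disk.
    if not name or "\x00" in name or name != name.rstrip(". "):
        return False, "malformed file name"
    stem, ext = os.path.splitext(name.lower())
    if ext not in allowed:
        return False, "extension not in allowlist"
    # Policy choice: refuse a second extension hidden in front of the image one.
    if "." in stem:
        return False, "multiple extensions"
    # The extension is only a claim; the leading bytes must agree with it.
    if not any(content.startswith(sig) for sig in allowed[ext]):
        return False, "content does not match extension"
    return True, "ok"


# Constructed sample uploads: (client file name, first bytes of the body).
PNG_HEADER = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8
SAMPLES = [
    ("logo.png", PNG_HEADER),
    ("C:\\fakepath\\logo.PNG", PNG_HEADER),
    ("setup.exe", b"MZ\x90\x00"),
    ("photo.jpg", b"MZ\x90\x00"),      # executable header behind an image name
    ("setup.exe.png", PNG_HEADER),
    ("pic.gif.", b"GIF89a"),
]


def check_samples():
    """Run the validator over the constructed samples."""
    return [(n, *validate_image_upload(n, c)) for n, c in SAMPLES]


if __name__ == "__main__":
    for name, accepted, reason in check_samples():
        print(f"{name!r}: {'ACCEPT' if accepted else 'REJECT'} ({reason})")
```

A check like this complements storing uploads outside the application directory and outside any directory with execution permissions, the condition the advisory names for an uploaded file to run.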

Added: Feb 11, 2026, 10:02 PM
Updated: Feb 11, 2026, 10:02 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 2.9
remediation: 7.7
relevance: 3.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.