BigAntSoft BigAnt Server Unauthenticated Remote Code Execution Vulnerability via Account Registration

Vulnerability

A remote code execution vulnerability has been identified in BigAntSoft BigAnt Server versions through 5.6.06. This vulnerability allows unauthenticated attackers to create administrative accounts using the default SaaS registration mechanism. After gaining administrative access, attackers can upload and execute arbitrary PHP code through the 'Cloud Storage Addin', leading to unauthorized code execution.

Impact

Exploitation of this vulnerability allows for unauthenticated remote code execution on the server with system-level privileges.

Reproduction

Exploitation requires two steps. First, the CAPTCHA verification must be bypassed by solving a CAPTCHA challenge presented during the registration process. After obtaining the CAPTCHA solution, an account can be registered. Once the account is created, the 'Cloud Storage Addin' can be accessed to upload a PHP file, which can then be executed remotely.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 10.0
exploitability: 9.1
remediation: 0.0
relevance: 0.0
threat: 6.8
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.