Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
eCharge Hardy Barth Salia PLCC Unrestricted File Upload Vulnerability in Web UI Component
Vulnerability
A critical unrestricted file upload vulnerability has been identified in eCharge Hardy Barth Salia PLCC version 2.2.0. The issue resides in the Web UI component, specifically in the firmware.php file. Manipulating the media argument leads to arbitrary file uploads. The flaw can be exploited remotely, it has been publicly disclosed, and an exploit is available. Uploaded files could potentially be executed, leading to arbitrary remote command execution.
Impact
Exploitation of this vulnerability allows for arbitrary file uploads, which could be used to execute malicious files on the server, potentially leading to arbitrary remote command execution.
Reproduction
The vulnerability can be reproduced by sending a request to the firmware.php file with a manipulated media argument that includes a file of a type that the application will process. This can be done remotely, and the uploaded file can be executed to achieve command execution on the server.
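For defenders, the request pattern described above (an upload to firmware.php followed by a request for the uploaded file) can be hunted in web server access logs. The following is an added example, not code from the vendor or the original advisory; it assumes combined-format access logs, and the sample lines, extension list, time window and file names other than firmware.php are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumption: the device's web server writes Apache/nginx "combined" style logs.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
UPLOAD_ENDPOINT = "firmware.php"     # file named in the advisory
SCRIPT_EXT = (".php", ".phtml", ".cgi", ".sh", ".pl")  # assumed executable types
WINDOW = timedelta(minutes=30)       # assumed correlation window

def find_suspicious(lines):
    """Return (kind, ip, path) alerts: uploads to firmware.php, and script
    paths that are first requested successfully shortly after an upload."""
    alerts, baseline, last_upload = [], set(), None
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the hunt
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        path = m["path"].split("?", 1)[0].lower()
        if m["method"] == "POST" and path.endswith("/" + UPLOAD_ENDPOINT):
            alerts.append(("upload_post", m["ip"], path))
            last_upload = ts
        elif (last_upload and ts - last_upload <= WINDOW
              and path.endswith(SCRIPT_EXT) and path not in baseline
              and m["status"].startswith("2")):
            alerts.append(("new_script_after_upload", m["ip"], path))
        # Paths seen outside an upload window form the "known pages" baseline.
        if last_upload is None or ts - last_upload > WINDOW:
            baseline.add(path)
    return alerts

# Constructed sample log lines (documentation IP ranges, placeholder file name).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2024:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [12/Mar/2024:10:05:00 +0000] "POST /firmware.php HTTP/1.1" 200 310',
    '198.51.100.7 - - [12/Mar/2024:10:05:09 +0000] "GET /example-new-file.php HTTP/1.1" 200 42',
    '192.0.2.10 - - [12/Mar/2024:10:06:00 +0000] "GET /index.php HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG):
        print(alert)
```

Any `upload_post` alert from an address that is not a known administrator workstation deserves review on its own; the `new_script_after_upload` alert is a heuristic and will also fire on legitimate pages that were never requested before the upload.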
