An file upload vulnerability in Ivanti ITSM before 2023.4, allows an authenticated remote user to perform file writes to the server. Successful exploitation may lead to execution of commands in the context of non-root user.
The Ivanti Neurons for ITSM application does not sufficiently verify uploaded files (CWE-434 — unrestricted upload of file with dangerous type), which allows an authenticated user to upload a file with arbitrary content and save it in a selected location on the server. An attacker can thus place a malicious executable file or script in an accessible server directory. By subsequently invoking the uploaded file, they can execute arbitrary system commands.
An attacker can execute commands on the server in the context of a non-root account, which may lead to application takeover, data theft, or lateral movement in the network.
Ivanti Neurons for ITSM should be updated to version 2023.4 or newer. Detailed information is available in the official Ivanti security bulletin at the address indicated in the references.
Ivanti Neurons for ITSM in versions earlier than 2023.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HIvanti Neurons For Itsm
APPIvanti< 2023.4
Related vulnerabilities
Authentication Bypass w Ivanti Neurons for ITSM — dostęp administracyjny bez uwierzytelnienia
Ujawnienie OIDC client secret w Ivanti Neurons for ITSM przez debug info
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows...
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user t...
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authent...