Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection. This issue affects Education Portal: before v1.1.
The vulnerability mechanism (CWE-434) consists of a lack of proper file type verification on the server side. An attacker can send a file containing malicious code (e.g., webshell) without needing to authenticate. After placing such a file on the server, it is possible to trigger command injection — execution of arbitrary commands in the context of the web server process.
An attacker gains the ability to remotely execute arbitrary commands on the server (RCE), which may result in complete system takeover, data theft, and violation of the integrity and availability of the entire platform.
ArslanSoft Education Portal must be immediately updated to version v1.1 or newer. Details are available in the manufacturer's references and the TR-23-0670 message published by USOM.
ArslanSoft Education Portal in all versions before v1.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HArslansoft Education Portal Project Arslansoft Education Portal
APPArslansoft Education Portal Project< 1.1
Related vulnerabilities
SQL Injection w ArslanSoft Education Portal — krytyczna podatność
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal...
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensi...