Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function.
An attacker sends a crafted payload to the fileName parameter of the Save function, containing path traversal sequences (e.g., '../'). The application does not properly validate the file path provided by the user, allowing the file to be written to any location accessible to the server process. By placing a malicious file (e.g., an executable script) outside the intended directory, the attacker can trigger arbitrary code execution.
An attacker can gain full control over the server by executing arbitrary code with the privileges of the application process. Data confidentiality loss, file modification or deletion, and complete service unavailability are possible.
Stimulsoft Dashboard.JS should be updated to version 2024.1.2 or newer. It is also recommended to restrict network access to the application panel only to trusted IP addresses and to monitor file write attempts outside designated directories.
Stimulsoft Dashboard.JS in versions prior to 2024.1.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HStimulsoft Dashboards.php
APPStimulsoft< 2024.1.2
Related vulnerabilities
Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer (Des...
Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execut...
A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0 allows an attacker ...
Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe R...
Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion.