jQuery File Upload Arbitrary File Upload

critical Web App Scanning Plugin ID 98233

Language:

Synopsis

jQuery File Upload Arbitrary File Upload

Description

The version of jQuery File Upload running on the remote host is affected by an arbitrary file upload vulnerability. An unauthenticated attacker could leverage this vulnerability to gain access to the host in the context of the web application user.

Note: This has been detected using an active check and should be remediated immediately.

Solution

Upgrade to jQuery File Upload version 9.22.1 or later.

See Also

http://www.vapidlabs.com/advisory.php?v=204

https://github.com/blueimp/jQuery-File-Upload/blob/master/VULNERABILITIES.md#remote-code-execution-vulnerability-in-the-php-component

Plugin Details

Severity: Critical

ID: 98233

Type: remote

Family: Component Vulnerability

Published: 10/19/2018

Updated: 10/28/2022

Scan Template: api, basic, full, pci, scan

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-9206

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS Score Source: CVE-2018-9206

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2018-9206

BID: 105679, 106629

CWE: 434

OWASP: 2010-A4, 2013-A4, 2013-A9, 2017-A5, 2017-A9, 2021-A4, 2021-A6

WASC: Improper Input Handling

CAPEC: 1

DISA STIG: APSC-DV-002560, APSC-DV-002630

HIPAA: 164.306(a)(1), 164.306(a)(2)

ISO: 27001-A.12.6.1, 27001-A.14.2.5

NIST: sp800_53-CM-6b, sp800_53-SC-6

OWASP API: 2019-API7, 2023-API8

OWASP ASVS: 4.0.2-12.5.2, 4.0.2-14.2.1

PCI-DSS: 3.2-6.2, 3.2-6.5.1