cyberaz0r WebRAT up to 20191222 Server/api.php download_file name unrestricted upload

A vulnerability has been found in cyberaz0r WebRAT up to 20191222 and classified as critical by VulDB. It affects the function download_file in the file Server/api.php: the argument name is not restricted, so an attacker who controls it can have an arbitrary file, including a PHP file, written to the server. Using CWE to declare the problem leads to CWE-434 (unrestricted upload of a file with dangerous type). NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The weakness was disclosed 04/14/2020 together with the fixing commit 0c394a795b9c10c07085361e6fcea286ee793701, whose advisory quote reads "Arbitrary PHP File Upload Vulnerability fixed"; the advisory is available at github.com. The vulnerability was assigned CVE-2020-36825 on 03/23/2024 (CNA: VulDB). The attack can be initiated remotely; according to the CVSS v3 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, base score 6.3) it requires low privileges and no user interaction and has a low impact on confidentiality, integrity and availability. Technical details are available. There is no exploit available; the exploit status is declared as not defined. As a 0-day the estimated underground price was around USD $0-$5k, and the structure of the vulnerability still gives a possible price range of USD $0-$5k at the moment. The MITRE ATT&CK project maps this vulnerability to T1608.002 (Stage Capabilities: Upload Tool). The patch is identified as 0c394a795b9c10c07085361e6fcea286ee793701 and the bugfix is ready for download at github.com. It is recommended to apply the patch to fix this issue. A possible mitigation was published immediately after the disclosure of the vulnerability.
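As an added illustration of the CWE-434 pattern the advisory names, the following PHP shows a minimal handler in the vulnerable shape next to a hardened one. This is not WebRAT's code: the real Server/api.php and the patch are not reproduced on this page, so the function names, the POST field names ("name", "data"), the directory paths and the extension whitelist below are assumptions made for the example.

```php
<?php
// Added illustration of CWE-434 (unrestricted upload); not code from WebRAT.
// The real Server/api.php is not shown on this page. The function names, the
// $post fields "name"/"data", the paths and the whitelist here are assumptions.

// Vulnerable shape: the client-supplied "name" becomes the on-disk filename
// unchanged. With name="shell.php" the server writes an executable PHP file
// into a web-served directory; with name="../index.php" it also escapes the
// upload directory. No traversal is needed for code execution: a .php name
// inside the web root is enough.
function download_file_vulnerable(array $post, string $uploadDir): string
{
    $target = $uploadDir . '/' . $post['name'];
    file_put_contents($target, base64_decode($post['data']));
    return $target;
}

// Hardened shape: reduce the name to a validated basename, whitelist the
// extension, and store the bytes under a server-chosen random name in a
// directory the web server never executes or serves as code.
function download_file_hardened(array $post, string $storeDir, array $allowedExt): string
{
    $raw  = (string)($post['name'] ?? '');
    $name = basename($raw);                     // "../x/y.php" -> "y.php"

    // First character alphanumeric: rejects "", ".", "..", ".htaccess";
    // the whole name restricted to a conservative character set.
    if (!preg_match('/^[A-Za-z0-9][A-Za-z0-9._-]{0,99}$/', $name)) {
        throw new InvalidArgumentException('rejected filename: ' . $raw);
    }

    // The last extension decides: "a.txt.php" -> "php" -> rejected.
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, $allowedExt, true)) {
        throw new InvalidArgumentException('rejected extension: ' . $name);
    }

    // Strict base64: malformed payloads are refused instead of silently mangled.
    $data = base64_decode((string)($post['data'] ?? ''), true);
    if ($data === false) {
        throw new InvalidArgumentException('payload is not valid base64');
    }

    // Never reuse the client's name on disk.
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    $target = rtrim($storeDir, '/') . '/' . $stored;
    if (file_put_contents($target, $data, LOCK_EX) === false) {
        throw new RuntimeException('write failed: ' . $target);
    }
    return $target;
}

// Usage with constructed input (paths are assumptions; $storeDir must lie
// outside the document root):
// $post = ['name' => 'shell.php',
//          'data' => base64_encode('<?php system($_GET["c"]); ?>')];
// download_file_vulnerable($post, '/var/www/html/uploads');  // writes uploads/shell.php
// download_file_hardened($post, '/var/webrat-store', ['txt', 'log', 'png']); // throws
```

The check that carries the most weight is the last one: an extension whitelist alone can be undone by web-server configuration (double-extension handling, AddHandler rules, a writable .htaccess), so storing under a server-chosen name in a location that is never executed is the defence in depth. For the fix WebRAT actually shipped, compare the commit at the URL given below rather than this example.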

Field | 05/04/2024 10:09 | 05/04/2024 10:14 | 05/15/2024 08:15
------+------------------+------------------+-----------------
vendor | cyberaz0r | cyberaz0r | cyberaz0r
name | WebRAT | WebRAT | WebRAT
version | <=20191222 | <=20191222 | <=20191222
file | Server/api.php | Server/api.php | Server/api.php
function | download_file | download_file | download_file
argument | name | name | name
cwe | 434 (unrestricted upload) | 434 (unrestricted upload) | 434 (unrestricted upload)
risk | 2 | 2 | 2
cvss3_vuldb_av | N | N | N
cvss3_vuldb_ac | L | L | L
cvss3_vuldb_ui | N | N | N
cvss3_vuldb_s | U | U | U
cvss3_vuldb_c | L | L | L
cvss3_vuldb_i | L | L | L
cvss3_vuldb_a | L | L | L
cvss3_vuldb_rl | O | O | O
cvss3_vuldb_rc | C | C | C
date | 1586815200 (04/14/2020) | 1586815200 (04/14/2020) | 1586815200 (04/14/2020)
identifier | 0c394a795b9c10c07085361e6fcea286ee793701 | 0c394a795b9c10c07085361e6fcea286ee793701 | 0c394a795b9c10c07085361e6fcea286ee793701
url | https://github.com/cyberaz0r/WebRAT/commit/0c394a795b9c10c07085361e6fcea286ee793701 | https://github.com/cyberaz0r/WebRAT/commit/0c394a795b9c10c07085361e6fcea286ee793701 | https://github.com/cyberaz0r/WebRAT/commit/0c394a795b9c10c07085361e6fcea286ee793701
name | Patch | Patch | Patch
date | 1586815200 (04/14/2020) | 1586815200 (04/14/2020) | 1586815200 (04/14/2020)
patch_name | 0c394a795b9c10c07085361e6fcea286ee793701 | 0c394a795b9c10c07085361e6fcea286ee793701 | 0c394a795b9c10c07085361e6fcea286ee793701
patch_url | https://github.com/cyberaz0r/WebRAT/commit/0c394a795b9c10c07085361e6fcea286ee793701 | https://github.com/cyberaz0r/WebRAT/commit/0c394a795b9c10c07085361e6fcea286ee793701 | https://github.com/cyberaz0r/WebRAT/commit/0c394a795b9c10c07085361e6fcea286ee793701
advisoryquote | Arbitrary PHP File Upload Vulnerability fixed | Arbitrary PHP File Upload Vulnerability fixed | Arbitrary PHP File Upload Vulnerability fixed
cve | CVE-2020-36825 | CVE-2020-36825 | CVE-2020-36825
responsible | VulDB | VulDB | VulDB
cvss2_vuldb_av | N | N | N
cvss2_vuldb_ac | L | L | L
cvss2_vuldb_ci | P | P | P
cvss2_vuldb_ii | P | P | P
cvss2_vuldb_ai | P | P | P
cvss2_vuldb_rc | C | C | C
cvss2_vuldb_rl | OF | OF | OF
cvss4_vuldb_av | N | N | N
cvss4_vuldb_ac | L | L | L
cvss4_vuldb_ui | N | N | N
cvss4_vuldb_vc | L | L | L
cvss4_vuldb_vi | L | L | L
cvss4_vuldb_va | L | L | L
cvss2_vuldb_au | S | S | S
cvss2_vuldb_e | ND | ND | ND
cvss3_vuldb_pr | L | L | L
cvss3_vuldb_e | X | X | X
cvss4_vuldb_at | N | N | N
cvss4_vuldb_pr | L | L | L
cvss4_vuldb_sc | N | N | N
cvss4_vuldb_si | N | N | N
cvss4_vuldb_sa | N | N | N
cvss4_vuldb_e | X | X | X
cvss2_vuldb_basescore | 6.5 | 6.5 | 6.5
cvss2_vuldb_tempscore | 5.7 | 5.7 | 5.7
cvss3_vuldb_basescore | 6.3 | 6.3 | 6.3
cvss3_vuldb_tempscore | 6.0 | 6.0 | 6.0
cvss3_meta_basescore | 6.3 | 6.3 | 6.3
cvss3_meta_tempscore | 6.0 | 6.1 | 6.1
cvss4_vuldb_bscore | 5.3 | 5.3 | 5.3
cvss4_vuldb_btscore | 5.3 | 5.3 | 5.3
price_0day | $0-$5k | $0-$5k | $0-$5k
cve_assigned | 1711148400 (03/23/2024) | 1711148400 (03/23/2024) | 1711148400 (03/23/2024)
cve_nvd_summary | (identical in all three snapshots) A vulnerability has been found in cyberaz0r WebRAT up to 20191222 and classified as critical. This vulnerability affects the function download_file of the file Server/api.php. The manipulation of the argument name leads to unrestricted upload. The attack can be initiated remotely. The patch is identified as 0c394a795b9c10c07085361e6fcea286ee793701. It is recommended to apply a patch to fix this issue. VDB-257782 is the identifier assigned to this vulnerability.
cvss2_nvd_av | | N | N
cvss2_nvd_ac | | L | L
cvss2_nvd_au | | S | S
cvss2_nvd_ci | | P | P
cvss2_nvd_ii | | P | P
cvss2_nvd_ai | | P | P
cvss3_cna_av | | N | N
cvss3_cna_ac | | L | L
cvss3_cna_pr | | L | L
cvss3_cna_ui | | N | N
cvss3_cna_s | | U | U
cvss3_cna_c | | L | L
cvss3_cna_i | | L | L
cvss3_cna_a | | L | L
cve_cna | | VulDB | VulDB
cvss2_nvd_basescore | | 6.5 | 6.5
cvss3_cna_basescore | | 6.3 | 6.3
eol | | | 1
