A vulnerability has been found in LimeSurvey up to 3.14.3 (Survey Software) and classified as critical. This vulnerability affects an unknown code block of the component File Upload. The manipulation as part of a ZIP Archive leads to a unrestricted upload vulnerability. The CWE definition for the vulnerability is CWE-434. The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. This attack appear to be exploitable via an authenticated user uploading a zip archive which can contains malicious php files that can be called under certain circumstances. This vulnerability appears to have been fixed in after commit 91d143230eb357260a19c8424b3005deb49a47f7 / version 3.14.4.

The weakness was released 09/06/2018 (GitHub Repository). The advisory is available at github.com. This vulnerability was named CVE-2018-1000658 since 09/06/2018. The exploitation appears to be easy. The attack can be initiated remotely. The requirement for exploitation is a single authentication. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1608.002 by the MITRE ATT&CK project.

Upgrading to version 3.14.4 eliminates this vulnerability.

Entry connected to this vulnerability is available at VDB-123647. Once again VulDB remains the best source for vulnerability data.

Productinfo

Type

• Survey Software

Name

• LimeSurvey

Version

• 3.14.0
• 3.14.1
• 3.14.2
• 3.14.3

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion