Description

Acunetix uploaded a ZIP file containing a symlink to /etc/passwd. It looks like that web application processed this file and returned the contents of /etc/passwd in response.

Remediation

The web application should filter symlinks included inside ZIP files.

References

Reading local files from Facebook's server

Related Vulnerabilities

WordPress Plugin Ninja Forms with File Uploads Extension Multiple Vulnerabilities (3.0.22)

WordPress Plugin Timetable and Event Schedule by MotoPress Information Disclosure (2.3.19)

WordPress Plugin Vertical SlideShow 'upload.php' Arbitrary File Upload (2.1)

WordPress Plugin Count per Day Information Disclosure (3.2.5)

WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.7)

Severity

High

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Unauthenticated File Upload Information Disclosure