Description

ColdFusion version 8.0.1 installs a vulnerable version of FCKEditor which is enabled by default. FCKEditor includes functionality to handle file uploads and file management, allowing an attacker to upload and execute malicious code.

Remediation

One fix is to edit the config.cfm file at \CFIDE\scripts\ajax\FCKeditor\editor\filemanager\connectors\cfm to disable uploads (consult CF8 and FCKEditor Security threat) .
Also, Adobe released a security patch for this issue and is a very high level patch that should be applied to your servers (consult Hotfix available for potential ColdFusion 8 input sanitization issue).

References

CF8 and FCKEditor Security threat

Related Vulnerabilities

MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9411)

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1175)

IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4691)

Jetty Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-28163)

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-26691)

Severity

High

Classification

CVE-2009-2265 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Arbitrary File Creation Missing Update Unauthenticated File Upload Code Execution