A critical vulnerability has been identified in the SourceCodester Complaint Management System (CMS) 1., an open-source web-based system used by organizations to manage customer complaints effectively. This vulnerability can lead to serious security threats, as it allows unauthorized users to perform unrestricted file uploads. The vulnerability is related to the users/register-complaint.php file, specifically in the Lodge Complaint Section. Attackers can exploit this vulnerability remotely, increasing the risk factor. This vulnerability has been publicly disclosed and has the potential to be exploited by malicious actors. The associated identifier of this vulnerability is VDB-254723.

Code Snippet

The following code snippet demonstrates the issue in the users/register-complaint.php file, where the lack of proper validation allows for unrestricted file uploads.

...
$file = $_FILES['image']['name'];
$filename = date("Y-m-d")."-".$file;
move_uploaded_file($_FILES["image"]["tmp_name"],"attachments/" . $filename);
...

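In the code above, the absence of proper file extension and MIME type checking allows an attacker to upload any file type, including malicious scripts such as PHP shells or executable files. The client-supplied file name, extension included, is only prefixed with the current date before the file is moved into the attachments/ directory.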

Original References

The vulnerability was first identified by a security researcher and has since been documented in the following sources:
1. CVE-2024-1875: NVD (National Vulnerability Database)
2. VDB-254723: VulDB Entry for the Vulnerability

1. Create or obtain a malicious file, e.g., a PHP shell script.

2. Access the Lodge Complaint Section of the SourceCodester CMS (users/register-complaint.php).
3. Use the file upload functionality to upload the malicious file by bypassing the weak file validation in the system.
4. Locate the uploaded file on the server (usually in the "attachments" directory) and execute it, e.g., by accessing the file through a web browser.
5. Gain unauthorized access to the system and perform malicious activities, such as data theft or defacement of the website.

Prevention and Mitigation

To prevent potential exploitation of the CVE-2024-1875 vulnerability and secure the SourceCodester Complaint Management System, the following actions should be taken:

1. Apply proper validation checks on the file upload functionality, including checking for allowed file extensions and MIME types.
2. Implement a file scanning mechanism to detect any malicious files before they are uploaded to the system.

3. Regularly update the SourceCodester CMS and apply security patches as they become available.

4. Monitor server logs and other security tools for any unusual activities or signs of possible attacks related to this vulnerability.
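
One way to implement item 1 for the upload lines shown in the Code Snippet section, as an added example (it is not the project's code or an official patch). The store_attachment() helper, the allow-list, the 2 MiB limit and the storage path outside the web root are assumptions.

```php
<?php
// Added example, not the project's code. Assumptions: the allow-list, the
// 2 MiB cap, and a storage directory that the web server does not serve.
const ALLOWED_TYPES = [ // detected MIME type => accepted extensions (first one is stored)
    'image/jpeg'      => ['jpg', 'jpeg'],
    'image/png'       => ['png'],
    'application/pdf' => ['pdf'],
];
const MAX_BYTES = 2 * 1024 * 1024;

function store_attachment(array $upload, string $destDir): string
{
    if (($upload['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($upload['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    if ($upload['size'] < 1 || $upload['size'] > MAX_BYTES) {
        throw new RuntimeException('size not allowed');
    }
    // Type comes from the file's bytes; $upload['type'] is sent by the client.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($upload['tmp_name']);
    if (!is_string($mime) || !isset(ALLOWED_TYPES[$mime])) {
        throw new RuntimeException('type not allowed');
    }
    // The client's extension must agree with the detected type.
    $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_TYPES[$mime], true)) {
        throw new RuntimeException('extension not allowed');
    }
    // Content sniffing can be fooled by polyglot files, so the stored name is
    // generated server-side and carries only an allow-listed extension.
    $name = date('Y-m-d') . '-' . bin2hex(random_bytes(16)) . '.' . ALLOWED_TYPES[$mime][0];
    if (!move_uploaded_file($upload['tmp_name'], rtrim($destDir, '/') . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}

// Drop-in use where the original called move_uploaded_file() directly.
if (isset($_FILES['image']) && is_array($_FILES['image'])) {
    try {
        // Hypothetical path outside the document root.
        $filename = store_attachment($_FILES['image'], '/var/lib/cms/attachments');
    } catch (RuntimeException $e) {
        http_response_code(400);
        exit('Attachment rejected');
    }
}
```

If the attachments directory has to stay under the web root, the web server should additionally be configured so that nothing in it is executed as a script.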

Conclusion

The CVE-2024-1875 vulnerability in SourceCodester Complaint Management System 1. poses a significant security risk as it enables attackers to perform unrestricted file uploads. Organizations using this system should apply the necessary security measures and monitor their environment for any signs of an attack to safeguard their data and system integrity.

Timeline

Published on: 02/26/2024 16:27:53 UTC
Last modified on: 02/29/2024 01:43:56 UTC