virus logo Intrusion Prevention

Studio-42.elFinder.elFinderVolumeDriver.Arbitrary.File.Upload

description-logoDescription

This indicates an attack attempt to exploit an Arbitrary File Upload Vulnerability in Studio-42 elFinder.
This vulnerability is due to improper input validation on file names when uploading files through the connector.minimal.php endpoint when the software is running on Windows. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successfully exploiting this vulnerability could result in arbitrary file write of an unpermitted type and, in the worst case, remote code execution.

affected-products-logoAffected Products

Studio-42 elFinder prior to 2.1.61

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/advisories/GHSA-6p96-vfrc-fv32

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-05-16 20.316 Default_action:pass:drop
2022-05-03 20.308
ID 51490
Created Apr 25, 2022
Updated May 13, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2022-27115
Exploit Prediction Score 1.36%
Default Action drop
Active
Affected OS Linux
Affected App PHP_app