Created by Sebastiaan Janssen 06 Oct 2017, 13:14:30 Updated by Tommy Enger 17 Oct 2017, 09:46:25
The attacker can use this vulnerability to read files on the server, or another attack like SSRF to find other open ports and services on the network.
Fixed in https://github.com/umbraco/Umbraco-CMS/commit/5dde2efe0d2b3a47d17439e03acabb7ea2befb64
Hi @sebastiaan Is it possible to give some more information about this vulnerability? How to exploit it? Do you need to be authenticated or can you be anonymous? Would you recommend to upgrade ASAP because of this?
We've classified this as very low priority. Only if you import a document type (for which you need to be an authenticated administrator) which has been tampered with can this be exploited.
Any administrator in the system will have an easier time just updating a template with some malicious C# in the template editor. :-)
To be extra careful, the advice is: on your live server, don't give anybody access to the settings or developer section.
Thanks.
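The description above (file read on the server, SSRF against internal ports) and the reply (exploitable only through a tampered document type that an administrator imports) together describe an import path that parses attacker-controlled XML. The following is an added example, not Umbraco's code and not the linked fix; it assumes that the impact comes from XML external entities in the imported document, which the thread does not state explicitly. The class, method and the file path in the constructed sample are hypothetical.

```csharp
using System;
using System.IO;
using System.Xml;
using System.Xml.Linq;

// Added example (not Umbraco's code). Assumes the import path takes untrusted
// XML from an uploaded document-type package and that the file-read/SSRF
// impact described in the issue comes from external entities in that XML.
// SafeDocumentTypeImport and LoadHardened are hypothetical names.
public static class SafeDocumentTypeImport
{
    // Parse import XML with DTD processing prohibited and no resolver, so any
    // <!DOCTYPE ...> (and therefore any SYSTEM entity pointing at file:// or
    // http://) is rejected before the document is built.
    public static XDocument LoadHardened(string xml)
    {
        var settings = new XmlReaderSettings
        {
            DtdProcessing = DtdProcessing.Prohibit, // a DTD throws XmlException
            XmlResolver = null,                     // never fetch external resources
            MaxCharactersFromEntities = 1024        // bounds entity expansion
        };

        using (var reader = XmlReader.Create(new StringReader(xml), settings))
        {
            return XDocument.Load(reader);
        }
    }

    public static void Main()
    {
        // Constructed sample: a benign document-type import.
        const string benign =
            "<DocumentType><Info><Name>Article</Name></Info></DocumentType>";

        // Constructed sample: a tampered import declaring an external entity.
        // With a loader that resolves entities, the entity content would be read
        // from the server's file system (or fetched from an internal URL for SSRF)
        // and surfaced wherever the imported name is displayed.
        const string tampered =
            "<!DOCTYPE DocumentType [<!ENTITY xxe SYSTEM \"file:///C:/inetpub/web.config\">]>" +
            "<DocumentType><Info><Name>&xxe;</Name></Info></DocumentType>";

        var doc = LoadHardened(benign);
        Console.WriteLine("imported: " + doc.Root.Element("Info").Element("Name").Value);

        try
        {
            LoadHardened(tampered);
            Console.WriteLine("unexpected: tampered import was accepted");
        }
        catch (XmlException ex)
        {
            // Prohibit makes the reader fail on the DOCTYPE itself, so the entity
            // is never resolved and no file or network access takes place.
            Console.WriteLine("rejected tampered import: " + ex.Message);
        }
    }
}
```

Setting `DtdProcessing` and `XmlResolver` explicitly, rather than relying on framework defaults, is the point: the defaults of `XmlDocument`, `XmlTextReader` and `XmlReaderSettings` differ between .NET versions, and an import that only an administrator can trigger is still worth hardening, since the thread's own mitigation (restricting the settings and developer sections on production) is an access-control measure rather than a fix for the parser.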
Priority: Normal
Type: Bug
State: Fixed
Assignee:
Difficulty: Normal
Category: Security
Backwards Compatible: True
Fix Submitted:
Affected versions:
Due in version: 7.7.3, 7.6.10
Sprint:
Story Points: 0.5
Cycle: 4