Lucene search

[email protected]CVE-2015-7309

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2015-7309

2022-10-0316:15:57

CWE-74

[email protected]

web.nvd.nist.gov

138

cve-2015-7309

theme editor

bolt

arbitrary code execution

file extension

renaming files

remote authenticated users

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.449 Medium

EPSS

Percentile

97.4%

JSON

The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it.

Affected configurations

NVD

Node

boltcmsboltRange≤2.2.0

CPENameOperatorVersion
boltcms:boltboltcms boltle2.2.0

CPE	Name	Operator	Version
boltcms:bolt	boltcms bolt	le	2.2.0

References

blog.curesec.com/article/blog/Bolt-224-Code-Execution-44.html

packetstormsecurity.com/files/133539/CMS-Bolt-2.2.4-File-Upload.html

seclists.org/fulldisclosure/2015/Aug/66

www.rapid7.com/db/modules/exploit/multi/http/bolt_file_upload

bolt.cm/newsitem/bolt-2-2-5-released

www.exploit-db.com/exploits/38196/

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.449 Medium

EPSS

Percentile

97.4%

JSON

Related for CVE-2015-7309

veracode1 prion1 nvd1 cvelist1 cbl_mariner1 rosalinux1