CVE-2024-46986

Published: 2024-09-18 18:15:07
CWE-22
CWE-74
GitHub_M
web.nvd.nist.gov
camaleon cms
arbitrary file write
ruby on rails
mediacontroller
remote code execution
upgrade

CVSS3

9.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

39.0%

Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability reachable through the upload method of the MediaController allows authenticated users to write files to any location on the web server that Camaleon CMS runs on (limited only by the permissions of the underlying filesystem). For example, this can lead to delayed remote code execution when an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application, since Rails loads every file in that folder the next time the application boots. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
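The traversal described above, reduced to its core as an added Ruby example (this is not Camaleon CMS code; the parameter names, the /srv/camaleon application root and the attacker input are assumptions made for the illustration): a naive join of request-supplied folder and file name beside a hardened resolver, plus a check that shows why a file dropped into config/initializers/ only executes at the next boot.

```ruby
require "pathname"

# Hypothetical application root used only for this example (not a real Camaleon path).
APP_ROOT = "/srv/camaleon".freeze
UPLOAD_ROOT = File.join(APP_ROOT, "public", "media").freeze

# Vulnerable pattern (CWE-22): folder and file name are taken straight from the
# multipart request and joined onto the upload root, so "../" segments walk out
# of UPLOAD_ROOT. Resolution is lexical only; nothing is written to disk here.
def unsafe_upload_path(folder, filename, root: UPLOAD_ROOT)
  File.expand_path(File.join(root, folder.to_s, filename.to_s))
end

class PathTraversal < StandardError; end

# Hardened form: reject any file name that carries directory components,
# canonicalise the full path, then refuse anything outside the upload root.
# (File.realpath would additionally defeat symlinks, but needs existing paths.)
def safe_upload_path(folder, filename, root: UPLOAD_ROOT)
  name = filename.to_s
  if name.empty? || name != File.basename(name) || name.include?("\\") || name.start_with?(".")
    raise PathTraversal, "file name must be a plain basename: #{name.inspect}"
  end
  base   = Pathname.new(root).expand_path
  # Pathname#join replaces the base when a component is absolute ("/etc"),
  # so the prefix check below is what actually enforces containment.
  target = base.join(folder.to_s, name).expand_path
  unless target.to_s.start_with?(base.to_s + File::SEPARATOR)
    raise PathTraversal, "resolved path escapes upload root: #{target}"
  end
  target.to_s
end

# Why the advisory calls it a *delayed* RCE: Rails loads every *.rb under
# config/initializers when the application boots, so a file written there runs
# on the next restart or deploy rather than at upload time.
def executed_on_next_boot?(path, app_root: APP_ROOT)
  initializers = File.join(File.expand_path(app_root), "config", "initializers") + File::SEPARATOR
  abs = File.expand_path(path)
  abs.start_with?(initializers) && abs.end_with?(".rb")
end

if $PROGRAM_NAME == __FILE__
  folder = "../../config/initializers" # constructed attacker-controlled folder
  name   = "zz_backdoor.rb"            # constructed attacker-controlled file name
  puts unsafe_upload_path(folder, name)
  puts executed_on_next_boot?(unsafe_upload_path(folder, name))
  begin
    safe_upload_path(folder, name)
  rescue PathTraversal => e
    puts "rejected: #{e.message}"
  end
end
```

The prefix check is done after canonicalisation on purpose: filtering the string "../" before joining misses encoded or absolute variants, whereas comparing the expanded result against the expanded root covers all of them in one place.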

Affected configurations

Node: tuzitio camaleon_cms, Range: < 2.8.2

Vendor: tuzitio
Product: camaleon_cms
Version: *
CPE: cpe:2.3:a:tuzitio:camaleon_cms:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "owen2345",
    "product": "camaleon-cms",
    "versions": [
      {
        "version": "< 2.8.2",
        "status": "affected"
      }
    ]
  }
]
