Umbraco CMS 4.x Arbitrary aspx File Upload Vulnerability

2013-06-03T00:00:00
ID 1337DAY-ID-20844
Type zdt
Reporter Gemayel Lira
Modified 2013-06-03T00:00:00

Description

Umbraco CMS version 4.x is vulnerable to a remote code execution vulnerability. An attacker can upload files via an unsecured web service located at /umbraco/webservices/codeEditorSave.asmx (method SaveDLRScript). I created this exploit because in some audits the public exploit that Juan Vazquez created did not work. Thanks to Toby Clarke for discovering the flaw. This small code uploads aspx files to Umbraco CMS 4.x.

This is a private exploit. You can buy it at https://0day.today
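
For defenders, one way to check IIS W3C logs for use of the web service named in the description, as an added example that is not part of the original advisory or of the exploit: it flags POSTs to the endpoint and lists .aspx paths the same client requested afterwards that had not appeared earlier in the log. The log field layout, the sample lines and the function names are assumptions made for this example.

```python
# Added example: hunt IIS W3C logs for POSTs to the web service named in the advisory.
ENDPOINT = "/umbraco/webservices/codeeditorsave.asmx"  # advisory path, lower-cased

# Constructed sample log (documentation IP ranges, made-up paths); not real traffic.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2013-06-01 10:00:01 198.51.100.7 GET /default.aspx 200
2013-06-01 10:02:13 203.0.113.9 POST /umbraco/webservices/codeEditorSave.asmx 200
2013-06-01 10:02:20 203.0.113.9 GET /constructed/new-page.aspx 200
2013-06-01 10:02:31 203.0.113.9 GET /default.aspx 200
2013-06-01 10:06:00 198.51.100.7 GET /constructed/new-page.aspx 200
"""

def parse_w3c(text):
    """Yield one dict per request, keyed by the log's own #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def find_endpoint_posts(text):
    """Return one finding per POST to ENDPOINT, each with the .aspx paths that
    client requested afterwards and that nobody had requested before."""
    seen_aspx = set()   # every .aspx path observed so far in the log
    latest = {}         # client IP -> its most recent finding
    findings = []
    for row in parse_w3c(text):
        stem = row.get("cs-uri-stem", "")
        ip = row.get("c-ip", "")
        if stem.lower() == ENDPOINT and row.get("cs-method") == "POST":
            finding = {"when": f"{row.get('date')} {row.get('time')}", "c-ip": ip,
                       "status": row.get("sc-status"), "new_aspx": []}
            findings.append(finding)
            latest[ip] = finding
        elif stem.lower().endswith(".aspx"):
            if stem.lower() not in seen_aspx and ip in latest:
                latest[ip]["new_aspx"].append(stem)
            seen_aspx.add(stem.lower())
    return findings

if __name__ == "__main__":
    for hit in find_endpoint_posts(SAMPLE_LOG):
        print(hit)
```

A hit is a lead for triage rather than proof of compromise, since the endpoint may also be called by legitimate back-office use; the paths listed under `new_aspx` are the files to inspect on disk first.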