HTTP: ManageEngine DesktopCentral AgentLogUpload Arbitrary File Upload
This signature detects attempts to exploit a known vulnerability in ManageEngine DesktopCentral. The vulnerability is due to lack of authentication and insufficient input validation in the AgentLogUploadServlet.class when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to arbitrary locations. In a successful attack scenario,the attacker can execute arbitrary code with SYSTEM privileges by placing executable files in critical locations.
Extended Description
Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot.
Affected Products
Zohocorp manageengine_desktop_central
References
BugTraq: 63784
CVE: CVE-2013-7390
URL: http://security-assessment.com/files/documents/advisory/Desktop%20Central%20Arbitrary%20File%20Upload.pdf http://seclists.org/fulldisclosure/2013/Nov/130 http://archives.manageengine.com/desktop-central/ http://security-assessment.com/files/documents/advisory/desktop%20central%20arbitrary%20file%20upload.pdf
Short Name
HTTP:MISC:MANAGEENGINE-FILE-UP
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AgentLogUpload Arbitrary CVE-2013-7390 DesktopCentral File ManageEngine Upload bid:63784
Release Date
02/18/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Zohocorp
CVSS Score
7.5