CVE-2022-37346 - Vulnerability Details - OpenCVE

EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. Exploiting this vulnerability allows a remote unauthenticated attacker to upload arbitrary files other than image files. If a user with an administrative privilege of EC-CUBE where the vulnerable plugin is installed is led to upload a specially crafted file, an arbitrary script may be executed on the system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ec-cube	Product Image Bulk Upload

Configuration 1 [-]

OR	cpe:2.3:a:ec-cube:product_image_bulk_upload:1.0.0:::::ec-cube::
	cpe:2.3:a:ec-cube:product_image_bulk_upload:4.1.0:::::ec-cube::

No data.

References

Link	Providers
https://jvn.jp/en/jp/JVN30900552/index.html
https://www.ec-cube.net/info/weakness/20220909/product_images_uploader.php

History

No history.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2022-09-27T01:55:15

Updated: 2024-08-03T10:29:20.770Z

Reserved: 2022-09-09T00:00:00

Link: CVE-2022-37346

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-27T23:15:14.540

Modified: 2024-11-21T07:14:48.443

Link: CVE-2022-37346

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Product Image Bulk Upload Plugin", "vendor": "EC-CUBE CO.,LTD.", "versions": [{"status": "affected", "version": "1.0.0 and 4.1.0"}]}], "descriptions": [{"lang": "en", "value": "EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. Exploiting this vulnerability allows a remote unauthenticated attacker to upload arbitrary files other than image files. If a user with an administrative privilege of EC-CUBE where the vulnerable plugin is installed is led to upload a specially crafted file, an arbitrary script may be executed on the system."}], "problemTypes": [{"descriptions": [{"description": "Improper input validation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-27T01:55:15", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.ec-cube.net/info/weakness/20220909/product_images_uploader.php"}, {"tags": ["x_refsource_MISC"], "url": "https://jvn.jp/en/jp/JVN30900552/index.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2022-37346", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Product Image Bulk Upload Plugin", "version": {"version_data": [{"version_value": "1.0.0 and 4.1.0"}]}}]}, "vendor_name": "EC-CUBE CO.,LTD."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. Exploiting this vulnerability allows a remote unauthenticated attacker to upload arbitrary files other than image files. If a user with an administrative privilege of EC-CUBE where the vulnerable plugin is installed is led to upload a specially crafted file, an arbitrary script may be executed on the system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper input validation"}]}]}, "references": {"reference_data": [{"name": "https://www.ec-cube.net/info/weakness/20220909/product_images_uploader.php", "refsource": "MISC", "url": "https://www.ec-cube.net/info/weakness/20220909/product_images_uploader.php"}, {"name": "https://jvn.jp/en/jp/JVN30900552/index.html", "refsource": "MISC", "url": "https://jvn.jp/en/jp/JVN30900552/index.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:29:20.770Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.ec-cube.net/info/weakness/20220909/product_images_uploader.php"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jvn.jp/en/jp/JVN30900552/index.html"}]}]}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2022-37346", "datePublished": "2022-09-27T01:55:15", "dateReserved": "2022-09-09T00:00:00", "dateUpdated": "2024-08-03T10:29:20.770Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ec-cube:product_image_bulk_upload:1.0.0:*:*:*:*:ec-cube:*:*", "matchCriteriaId": "3F48A833-CD45-4AA6-9983-4CB122694BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ec-cube:product_image_bulk_upload:4.1.0:*:*:*:*:ec-cube:*:*", "matchCriteriaId": "9E09F41E-687B-4825-8B21-D3A1F2979F6A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. Exploiting this vulnerability allows a remote unauthenticated attacker to upload arbitrary files other than image files. If a user with an administrative privilege of EC-CUBE where the vulnerable plugin is installed is led to upload a specially crafted file, an arbitrary script may be executed on the system."}, {"lang": "es", "value": "El plugin EC-CUBE \"Product Image Bulk Upload Plugin\" versiones 1.0.0 y 4.1.0, contiene una vulnerabilidad de verificaci\u00f3n insuficiente cuando se descargan archivos. La explotaci\u00f3n de esta vulnerabilidad permite a un atacante remoto no autenticado subir archivos arbitrarios que no sean de imagen. Si un usuario con privilegios administrativos de EC-CUBE donde est\u00e1 instalado el plugin vulnerable es conllevado a subir un archivo especialmente dise\u00f1ado, un script arbitrario puede ser ejecutado en el sistema"}], "id": "CVE-2022-37346", "lastModified": "2024-11-21T07:14:48.443", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-27T23:15:14.540", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/jp/JVN30900552/index.html"}, {"source": "vultures@jpcert.or.jp", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ec-cube.net/info/weakness/20220909/product_images_uploader.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/jp/JVN30900552/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ec-cube.net/info/weakness/20220909/product_images_uploader.php"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}