Vulnerability Details CVE-2019-6714
An issue was discovered in BlogEngine.NET through 3.3.6.0. A path traversal and Local File Inclusion vulnerability in PostList.ascx.cs can cause unauthenticated users to load a PostView.ascx component from a potentially untrusted location on the local filesystem. This is especially dangerous if an authenticated user uploads a PostView.ascx file using the file manager utility, which is currently allowed. This results in remote code execution for an authenticated user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.243
EPSS Ranking 95.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/151628/BlogEngine.NET-3.3.6-Directory-Traversal-Remote-Code-Execution.html
- http://seclists.org/fulldisclosure/2019/Jun/26
- https://blogengine.io/
- https://github.com/rxtur/BlogEngine.NET/
- https://www.exploit-db.com/exploits/46353/
- http://packetstormsecurity.com/files/151628/BlogEngine.NET-3.3.6-Directory-Traversal-Remote-Code-Execution.html
- http://seclists.org/fulldisclosure/2019/Jun/26
- https://blogengine.io/
- https://github.com/rxtur/BlogEngine.NET/
- https://www.exploit-db.com/exploits/46353/
Products affected by CVE-2019-6714
-
cpe:2.3:a:blogengine:blogengine.net:3.3
-
cpe:2.3:a:blogengine:blogengine.net:3.3.5.0
-
cpe:2.3:a:blogengine:blogengine.net:3.3.6.0