Remote Code Execution in ImpressCMS before 1.4.2 via Directory Traversal and Unsafe Interaction with CKEditor processImage.php

Remote Code Execution in ImpressCMS before 1.4.2 via Directory Traversal and Unsafe Interaction with CKEditor processImage.php

CVE-2022-24977 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload_progress.

Learn more about our Cms Pen Testing.