Umbraco cms 7.12.4 RCE vulnerability overview (3rd Aug 2020)

Preface: When we read the vulnerability article, we will despise those vulnerabilities that require authentication to execute. However, this type of design flaw should be considered because it is not limited to the inside threat area.

Background: Umbraco is the #1 Microsoft open source CMS in the world
Popular Sites Using Umbraco, For example: Instagram,slideshare,flickr,zippyshare,cnblogs,wattpad,…etc.

Technical details: Umbraco is primarily written in C#. It stores all data in relational database (Microsoft SQL Server) working on Microsoft IIS. For preventive protection, IT admin will install Reverse proxy in front of IIS server.

Vulnerability: Umbraco CMS design limitation causes Remote Code Execution. In this discussion, we predict that attackers can exploit previous vulnerabilities. For example: Umbraco CMS 8.2.2 cross-site request forgery CSRF. Exploitation of this vulnerability is usually carried out through malicious social engineering, such as tricking the victim into sending a fake email or link to the server. Therefore, stealing user credentials is not only a theory. For current vulnerabilities, the web server will encounter unknown risks. For details, please refer to attached diagram.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.