Acuity CMS Directory Traversal and Arbitrary File Upload Vulnerabilities

Bugtraq ID:	53616
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	May 21 2012 12:00AM
Updated:	May 21 2012 12:00AM
Credit:	Aung Khant
Vulnerable:	The Collective Acuity CMS 2.6.2
Not Vulnerable:

Acuity CMS Directory Traversal and Arbitrary File Upload Vulnerabilities

Acuity CMS is prone to a directory-traversal vulnerability and an arbitrary-file-upload vulnerability.

An attacker can exploit these issues to obtain sensitive information, to upload arbitrary code, and run it in the context of the webserver process.

Acuity CMS 2.6.2 is vulnerable; prior versions may also be affected.

Acuity CMS Directory Traversal and Arbitrary File Upload Vulnerabilities

An attacker can exploit these issues with a browser.

The following example exploits are available:

• /data/vulnerabilities/exploits/53616.txt

Acuity CMS Directory Traversal and Arbitrary File Upload Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Acuity CMS Directory Traversal and Arbitrary File Upload Vulnerabilities

References:

• Acuity CMS 2.6.x <= Arbitrary File Upload (Aung Khant)
  
• Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access (Aung Khant)
  
• Acuity CMS Homepage (The Collective)