[Vulnerability notice] Variable overwrite vulnerability in DedeCMS

Last Updated: Apr 18, 2018

Vulnerability description

DedeCMS 5.5 has a variable overwrite vulnerability. The flaw is in the file include\dialog\select_soft_post.php, where the variable $cfg_basedir is not initialized correctly. An attacker can overwrite this system variable, bypassing the authentication and the initialization the file relies on, and upload arbitrary files to the specified directory.

Exploitation requires the PHP setting register_globals=on, which lets values submitted from a custom form be assigned to the affected variables.
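As an added illustration of the bug class described above (constructed example, not DedeCMS's own code; the function names, UPLOAD_BASE and the directory layout are assumptions), here is the uninitialized-variable pattern that register_globals makes exploitable, beside a hardened version that initializes the base directory from trusted configuration and validates the target path:

```php
<?php
// Constructed illustration of the register_globals variable-overwrite pattern.
// This is NOT DedeCMS code; names, paths and helpers below are assumptions.

// --- Vulnerable pattern ---
// Nothing initialises $cfg_basedir before it is used. With register_globals=on,
// PHP pre-populates every global named in the request, so a request parameter
// called "cfg_basedir" decides where the uploaded file is written whenever the
// normal configuration include (and the authentication it performs) is skipped.
function vulnerable_save(array $file, string $subdir): string
{
    global $cfg_basedir;            // may already hold a request-supplied value
    $target = $cfg_basedir . '/' . $subdir . '/' . $file['name'];
    move_uploaded_file($file['tmp_name'], $target);
    return $target;
}

// --- Hardened pattern ---
// 1. Initialise the base directory from trusted configuration, unconditionally.
// 2. Require an authenticated session before touching the filesystem.
// 3. Validate the file name and confirm the resolved target stays under the base.
define('UPLOAD_BASE', '/var/www/uploads');   // assumed trusted config value

function hardened_save(array $file, string $subdir, bool $authenticated): ?string
{
    if (!$authenticated) {
        return null;                                  // fail closed
    }
    $base = realpath(UPLOAD_BASE);                    // local, never from the request
    $name = basename($file['name']);
    if ($base === false
        || !preg_match('/^[A-Za-z0-9._-]+$/', $name)  // reject traversal and odd names
        || !preg_match('/^[A-Za-z0-9_-]+$/', $subdir)) {
        return null;
    }
    $dir = realpath($base . DIRECTORY_SEPARATOR . $subdir);
    if ($dir === false || strpos($dir, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;                                  // directory escaped the base
    }
    $target = $dir . DIRECTORY_SEPARATOR . $name;
    return move_uploaded_file($file['tmp_name'], $target) ? $target : null;
}

// Deployment check: register_globals must be off (the setting was removed in PHP 5.4).
if (filter_var(ini_get('register_globals'), FILTER_VALIDATE_BOOLEAN)) {
    error_log('register_globals is enabled; variable-overwrite bugs become exploitable');
}
```

The hardened version does not depend on register_globals being off, but the deployment check at the end is the first thing to verify on any PHP 5.x host that still runs this kind of code.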

Attackers can exploit this vulnerability with publicly available tools to upload a web shell directly and compromise the website.

How to fix

Upgrade DedeCMS to the latest official version.