CVE-2017-15962

9.8 CRITICAL

📋 TL;DR

CVE-2017-15962 is an arbitrary file upload vulnerability in iStock Management System 1.0 that allows attackers to upload malicious files via the user/profile endpoint. This affects all organizations using iStock Management System 1.0, potentially leading to complete system compromise.

💻 Affected Systems

Products:
  • iStock Management System
Versions: 1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of version 1.0; no specific configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system takeover with remote code execution, data theft, and lateral movement across the network.

🟠 Likely Case

Webshell deployment leading to server compromise, data exfiltration, and potential ransomware deployment.

🟢 If Mitigated

File upload blocked or properly validated, preventing malicious file execution.

🌐 Internet-Facing: HIGH - Directly exploitable via web interface without authentication.
🏢 Internal Only: MEDIUM - Still exploitable by internal attackers or compromised accounts.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploits available; trivial to exploit with basic web knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch exists. Upgrade to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

File Upload Restriction

all

Implement strict file type validation and whitelist allowed extensions

Modify PHP code to validate file extensions and MIME types before upload

Web Application Firewall Rules

all

Block file uploads to /user/profile endpoint or restrict to specific file types

WAF configuration depends on specific product (ModSecurity, Cloudflare, etc.)

🧯 If You Can't Patch

  • Disable file upload functionality entirely in the user/profile module
  • Implement network segmentation to isolate the vulnerable system from critical assets

🔍 How to Verify

Check if Vulnerable:

Attempt to upload a file with a malicious extension (e.g., .php, .jsp) to the /user/profile endpoint

Check Version:

Check system version in admin panel or configuration files

Verify Fix Applied:

Test that only allowed file types can be uploaded and malicious files are rejected

📡 Detection & Monitoring

Log Indicators:

  • File upload attempts to /user/profile with unusual extensions
  • Successful uploads of executable files

Network Indicators:

  • POST requests to /user/profile with file uploads
  • Subsequent requests to uploaded malicious files

SIEM Query:

web.url:*user/profile* AND (web.method:POST OR web.file_extension:php)
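
The two network indicators above can be correlated offline from web server access logs. The following is an added example, not code from the vendor or from this advisory: it flags a client that POSTs to user/profile and then successfully requests a script file. It assumes combined log format and a hypothetical /uploads/ directory for stored files; the sample lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Assumptions (not from the advisory): combined log format, and uploaded files
# served from a hypothetical /uploads/ directory. Adjust both to the deployment.
UPLOAD_PREFIX = "/uploads/"
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|jsp)(?:$|[/?])", re.I)
LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')
WINDOW = timedelta(minutes=30)

def parse(line):
    """Return (ip, time, method, path, status), or None for unparsable lines."""
    m = LINE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["method"], m["path"], int(m["status"])

def find_upload_then_execute(lines):
    """Return (ip, upload_time, script_path) for each client that POSTs to
    user/profile and then gets a 200 for a script under UPLOAD_PREFIX
    within WINDOW of that POST."""
    last_post = {}  # ip -> time of its most recent POST to user/profile
    hits = []
    for ip, ts, method, path, status in filter(None, map(parse, lines)):
        if method == "POST" and "user/profile" in path:
            last_post[ip] = ts
        elif (ip in last_post and ts - last_post[ip] <= WINDOW
              and path.startswith(UPLOAD_PREFIX)
              and SCRIPT_EXT.search(path) and status == 200):
            hits.append((ip, last_post[ip], path))
    return hits

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE = [
    '198.51.100.7 - - [12/Mar/2024:10:00:01 +0000] "POST /user/profile HTTP/1.1" 200 512',
    '198.51.100.7 - - [12/Mar/2024:10:00:09 +0000] "GET /uploads/avatar.php?x=1 HTTP/1.1" 200 40',
    '203.0.113.5 - - [12/Mar/2024:10:01:00 +0000] "POST /user/profile HTTP/1.1" 200 512',
    '203.0.113.5 - - [12/Mar/2024:10:01:05 +0000] "GET /uploads/me.png HTTP/1.1" 200 9000',
    '192.0.2.9 - - [12/Mar/2024:10:02:00 +0000] "GET /uploads/old.php HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for ip, ts, path in find_upload_then_execute(SAMPLE):
        print(f"ALERT {ip} uploaded at {ts.isoformat()} then requested {path}")
```

A hit means a script under the upload directory was served with status 200 to the same client that had just posted to the profile endpoint, which is the sequence to triage first.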
