CVE-2019-17058 – This vulnerability allows administrators of Foo... (How to Fix)

Q: What is the severity of CVE-2019-17058?

CVE-2019-17058 has a CVSS score of 9.1 (CRITICAL). This vulnerability allows administrators of Footy Tipping Software AFL Web Edition 2019 to bypass file upload whitelist restrictions and upload malicious files. Attackers can achieve remote code execution by uploading a crafted upload.dat file. Only administrators of the affected software are affected.

📋 TL;DR

This vulnerability allows administrators of Footy Tipping Software AFL Web Edition 2019 to bypass file upload whitelist restrictions and upload malicious files. Attackers can achieve remote code execution by uploading a crafted upload.dat file. Only administrators of the affected software are affected.

💻 Affected Systems

Products:

Footy Tipping Software AFL Web Edition

Versions: 2019 edition

Operating Systems: Windows, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Requires administrator access to exploit. The vulnerability exists in the file upload functionality.

📦 What is this software?

Tipping Software by Footy

View all CVEs affecting Tipping Software →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining complete control over the server, data theft, and lateral movement within the network.

🟠

Likely Case

Server compromise leading to data exfiltration, installation of backdoors, or ransomware deployment.

🟢

If Mitigated

Limited impact with proper file upload validation and administrator access controls in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires administrator credentials. The vulnerability is well-documented with public proof-of-concept available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Implement strict file upload validation

all

Add server-side validation that checks file extensions, MIME types, and file signatures before allowing uploads.

Restrict administrator access

all

Limit administrator accounts to trusted personnel only and implement multi-factor authentication.

🧯 If You Can't Patch

Disable file upload functionality entirely if not required
Implement web application firewall rules to block malicious file upload patterns

🔍 How to Verify

Check if Vulnerable:

Check if you are running Footy Tipping Software AFL Web Edition 2019. Review file upload functionality for proper validation.

Check Version:

Check software documentation or interface for version information

Verify Fix Applied:

Test file upload functionality with various file types to ensure proper validation is in place.

📡 Detection & Monitoring

Log Indicators:

Unusual file uploads, especially upload.dat files
Administrator account activity during non-business hours
Execution of unexpected system commands

Network Indicators:

Unusual outbound connections from the server
Large data transfers from the server

SIEM Query:

source="web_server" AND (file_upload="upload.dat" OR file_extension="dat")

📊 Metadata

CVE ID: CVE-2019-17058

CVSS v3 Score: 9.1 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-434

Published: November 18, 2019

Last Updated: November 21, 2024

🔗 References

https://blog.contentsecurity.com.au/footy-tipping-software-whitelisting-bypass Third Party Advisory
https://blog.contentsecurity.com.au/footy-tipping-software-whitelisting-bypass Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2019-17058, you might also want to check these: