CVE-2020-19551
📋 TL;DR
This vulnerability lets an attacker bypass the file-extension blacklist in WUZHI CMS's upload handling (the check lives in common.func.php), which can lead to remote code execution. It affects WUZHI CMS 4.1.0 and earlier. An attacker with upload access can store a file that the web server will execute as a script, giving arbitrary code execution on the server.
💻 Affected Systems
- WUZHI CMS
📦 What is this software?
WUZHI CMS (wuzhicms) is an open-source content management system written in PHP, developed by the Wuzhicms project and published on GitHub under the wuzhicms organization.
⚠️ Risk & Real-World Impact
Worst Case
Full server compromise allowing attackers to execute arbitrary commands, steal data, install backdoors, or pivot to other systems.
Likely Case
Webshell deployment leading to data theft, defacement, or use as part of a botnet.
If Mitigated
Limited impact with proper file upload restrictions and web application firewalls in place.
🎯 Exploit Status
Exploitation requires access to a file upload function in the CMS; whether that requires an authenticated account depends on how the installation is configured (which roles are permitted to upload). The page lists no public exploit.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 4.1.1 or later
Vendor Advisory: https://github.com/wuzhicms/wuzhicms/issues/177
Restart Required: No
Instructions:
1. Back up your current installation (files and database).
2. Download WUZHI CMS 4.1.1 or later from the official repository.
3. Replace the vulnerable common.func.php file with the patched version.
4. Verify the fix by testing the file upload functionality with files that should be rejected (see How to Verify below).
🔧 Temporary Workarounds
Disable File Uploads
Applies to: all installations. Temporarily disable file upload functionality until patching is complete.
Modify the CMS configuration to disable uploads, or restrict upload permission to trusted users only.
Implement Strict File Type Validation
Applies to: all installations. Add server-side validation that allows only a small set of known-safe file types (an allowlist), rather than rejecting a list of known-bad extensions (a blacklist). Blacklists are what this vulnerability bypasses: alternate extensions, case variants, double extensions and dot-files such as .htaccess are the usual ways around them.
Validate the extension against the allowlist, check the file content (magic bytes) rather than trusting the client-supplied MIME type, and generate the stored filename server-side.
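The following Python is an added illustration of the workaround above; it is not code from WUZHI CMS or from the patched common.func.php. It puts the weak pattern (reject the last extension if it is on a blacklist) beside a hardened allowlist check that normalizes the name, rejects any non-allowlisted extension anywhere in the name, verifies magic bytes, and generates the stored name server-side. The blacklist contents, the bypass candidates and the payloads are constructed, typical examples, not the specific input used against this CVE.

```python
import os
import secrets

# Constructed blacklist of the kind a naive upload handler uses (not the CMS's real list).
NAIVE_BLACKLIST = {"php", "jsp", "asp", "exe"}

# Allowlisted extensions, each paired with the leading bytes a genuine file of that type has.
ALLOWLIST = {
    "jpg":  (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png":  (b"\x89PNG\r\n\x1a\n",),
    "gif":  (b"GIF87a", b"GIF89a"),
    "pdf":  (b"%PDF-",),
}


def blacklist_allows(filename: str) -> bool:
    """Weak check: reject only when the LAST extension is on the blacklist.
    Case variants, alternate extensions (.phtml, .php5, .phar), double
    extensions and dot-files such as .htaccess all pass."""
    ext = filename.rsplit(".", 1)[-1] if "." in filename else ""
    return ext not in NAIVE_BLACKLIST


def allowlist_validate(filename: str, content: bytes) -> tuple[bool, str]:
    """Hardened check. Returns (accepted, reason_or_generated_name).
    Every extension in the name must be allowlisted, the content must carry
    the magic bytes of the declared type, and the stored name is random so
    the client never controls where or as what the file is saved."""
    # Normalize: strip any client-supplied directory part (both separators), lowercase.
    base = os.path.basename(filename.replace("\\", "/")).strip().lower()
    parts = base.split(".")
    if len(parts) < 2 or not parts[0]:
        return False, "no usable base name"          # rejects ".htaccess" and "noext"
    exts = parts[1:]
    if any(e not in ALLOWLIST for e in exts):
        return False, "extension not allowed: ." + ".".join(exts)  # rejects shell.php.jpg
    ext = exts[-1]
    if not any(content.startswith(magic) for magic in ALLOWLIST[ext]):
        return False, "content does not match declared type"
    return True, f"{secrets.token_hex(16)}.{ext}"


def demo() -> dict[str, tuple[bool, bool]]:
    """Run constructed bypass candidates through both checks.
    Returns {name: (blacklist_allows, allowlist_accepts)}."""
    php = b"<?php system($_GET['c']); ?>"             # constructed webshell-like payload
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16         # constructed, not a real image
    samples = {
        "shell.php":     php,   # both checks reject
        "shell.PHP":     php,   # case variant slips past the blacklist
        "shell.phtml":   php,   # alternate PHP extension
        "shell.php.jpg": php,   # double extension
        ".htaccess":     b"AddType application/x-httpd-php .jpg",
        "image.jpg":     php,   # allowed extension, script content
        "photo.png":     png,   # legitimate upload
    }
    return {name: (blacklist_allows(name), allowlist_validate(name, data)[0])
            for name, data in samples.items()}


if __name__ == "__main__":
    for name, (weak, strong) in demo().items():
        print(f"{name:15s} blacklist_allows={weak!s:5s} allowlist_accepts={strong}")
```

Whether a given alternate extension actually executes depends on the web server's handler configuration, so the allowlist approach is deliberately independent of that: anything not explicitly expected is rejected. Serving the upload directory with script execution disabled is a separate, complementary control.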
🧯 If You Can't Patch
- Implement web application firewall (WAF) rules to block malicious file uploads
- Restrict file upload permissions to specific trusted users only
🔍 How to Verify
Check if Vulnerable:
Check if your WUZHI CMS version is 4.1.0 or earlier by examining the version file or admin panel.
Check Version:
Check the version.txt file or login to admin panel to see version information
Verify Fix Applied:
Verify that common.func.php has been replaced with the version from 4.1.1 or later, then test the upload functionality: files with script extensions (including case variants and double extensions such as name.php.jpg) must be rejected while allowed types still upload.
📡 Detection & Monitoring
Log Indicators:
- Unusual file uploads, especially with executable extensions
- Multiple failed upload attempts followed by successful upload
Network Indicators:
- HTTP POST requests to upload endpoints with unusual file types
- Subsequent connections to uploaded files
SIEM Query (field names vary by SIEM and log source; since WUZHI CMS is PHP, the extensions that matter are PHP variants and .htaccess rather than jsp/asp, and which variants the server executes depends on its handler configuration):
source="web_server" AND method="POST" AND uri="*upload*" AND (file_extension="php" OR file_extension="phtml" OR file_extension="php5" OR file_extension="phar" OR file_extension="htaccess")
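Access logs usually do not carry the uploaded filename, so the query above depends on the application logging it. The following Python is an added example (not from the CMS or any vendor tooling) of the network indicators listed above applied to ordinary web server logs: it correlates a POST to an upload endpoint with a later successful GET of a script-extension file under the upload directory from the same client. The log lines, the /admin/upload.php endpoint and the /uploads/ storage path are constructed assumptions; adjust the patterns to the real installation.

```python
import re
from datetime import datetime, timedelta

# Apache/nginx combined-format prefix: ip ident user [ts] "METHOD path proto" status bytes
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) \d+'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Assumptions about the deployment (adjust): where uploads are written, how the
# upload endpoint is named, and which extensions the server would execute.
UPLOAD_DIR_RE = re.compile(r"^/uploads/")
UPLOAD_ENDPOINT_RE = re.compile(r"upload", re.IGNORECASE)
EXEC_EXT_RE = re.compile(r"\.(php\d?|phtml|phar|htaccess)(\?|$)", re.IGNORECASE)

# Constructed sample log: one upload-then-fetch sequence, one benign upload,
# one script fetched from the upload directory with no observed upload.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:12:00:01 +0000] "POST /admin/upload.php HTTP/1.1" 200 512
203.0.113.7 - - [10/Mar/2024:12:00:09 +0000] "GET /uploads/2024/shell.phtml?c=id HTTP/1.1" 200 87
198.51.100.4 - - [10/Mar/2024:12:01:00 +0000] "POST /admin/upload.php HTTP/1.1" 200 512
198.51.100.4 - - [10/Mar/2024:12:01:05 +0000] "GET /uploads/2024/logo.png HTTP/1.1" 200 4096
192.0.2.9 - - [10/Mar/2024:12:02:00 +0000] "GET /uploads/2023/old.php HTTP/1.1" 200 13
192.0.2.9 - - [10/Mar/2024:12:02:01 +0000] "GET /uploads/2023/missing.php HTTP/1.1" 404 0
this line is not a log entry
"""


def parse(line: str):
    """Parse one combined-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["status"] = int(rec["status"])
    return rec


def find_script_fetches(lines, window: timedelta = timedelta(minutes=10)):
    """Return (ip, path, correlated) for every successful GET of a script-extension
    file under the upload directory. correlated is True when the same client
    POSTed to an upload endpoint within `window` beforehand, which is the
    upload-then-execute pattern; an uncorrelated hit still means the server
    is serving a script from the upload tree and deserves a look."""
    last_upload: dict[str, datetime] = {}
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        if rec["method"] == "POST" and UPLOAD_ENDPOINT_RE.search(rec["path"]):
            last_upload[rec["ip"]] = rec["ts"]
            continue
        if (rec["method"] == "GET" and rec["status"] == 200
                and UPLOAD_DIR_RE.match(rec["path"]) and EXEC_EXT_RE.search(rec["path"])):
            t0 = last_upload.get(rec["ip"])
            correlated = t0 is not None and timedelta(0) <= rec["ts"] - t0 <= window
            alerts.append((rec["ip"], rec["path"], correlated))
    return alerts


def demo():
    return find_script_fetches(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for ip, path, correlated in demo():
        print(f"{ip:14s} {path:40s} upload-then-fetch={correlated}")
```

The 404 line is ignored on purpose: a failed fetch of a script is noise unless it repeats, whereas a 200 for a .phtml under /uploads/ means the server both stored and served it.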