CVE-2020-19802

9.8 CRITICAL

📋 TL;DR

This vulnerability allows remote attackers to upload malicious files to Milken DoyoCMS v2.3 systems, potentially leading to arbitrary code execution. Attackers can exploit the upload file type parameter to bypass security controls. All users running DoyoCMS v2.3 are affected.

💻 Affected Systems

Products:
  • Milken DoyoCMS
Versions: v2.3
Operating Systems: Any OS running DoyoCMS
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of DoyoCMS v2.3 are vulnerable by default.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with attacker gaining full control over the web server, data exfiltration, and lateral movement to other systems.

🟠 Likely Case

Webshell deployment leading to data theft, defacement, or use as a foothold for further attacks.

🟢 If Mitigated

Attack blocked at the web application firewall level with no file execution possible.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

File upload vulnerabilities are commonly exploited and require minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No official vendor advisory found

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

File Upload Restriction

Platform: all

Implement strict file type validation and whitelist only allowed extensions. Modify the upload handling code to validate file extensions and MIME types.

Web Application Firewall Rules

Platform: all

Block malicious file upload attempts at the WAF level. Configure the WAF to block requests with suspicious file extensions in upload parameters.

🧯 If You Can't Patch

  • Disable file upload functionality entirely if not required
  • Implement network segmentation to isolate the vulnerable system

🔍 How to Verify

Check if Vulnerable:

Check if running DoyoCMS v2.3 by examining version files or admin panel

Check Version:

Check version.txt or similar files in the DoyoCMS installation directory

Verify Fix Applied:

Test file upload functionality with various file types to ensure only allowed extensions are accepted

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads with suspicious extensions
  • Multiple failed upload attempts
  • POST requests to upload endpoints with unusual parameters

Network Indicators:

  • HTTP POST requests to upload endpoints with unusual file extensions
  • Traffic patterns indicating file upload attempts

SIEM Query:

source="web_server" AND (method="POST" AND uri="*upload*" AND (file_extension="php" OR file_extension="jsp" OR file_extension="asp"))
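
The log and network indicators above only see the request; a sweep of the upload directory finds files that have already landed. The Python sketch below is an added example, not part of the original advisory or of DoyoCMS; the extension list, the content markers and the function names are assumptions to tune for your server.

```python
import os
import re
import sys

# Extensions a web stack may execute (assumed list; tune per server configuration).
EXECUTABLE_EXT = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "pht",
                  "jsp", "jspx", "asp", "aspx", "cgi", "pl"}
# Server-side code markers that should not appear in uploaded media or documents.
CODE_MARKER = re.compile(rb"<\?php|<%@\s*page", re.IGNORECASE)


def classify(path):
    """Return the reasons the file at `path` looks suspicious (empty list if none)."""
    reasons = []
    name = os.path.basename(path).lower()
    parts = name.split(".")[1:]   # every extension, so "a.php.jpg" -> ["php", "jpg"]
    if name.startswith(".ht"):    # .htaccess can change which extensions execute
        reasons.append("server-config-file")
    hits = [p for p in parts if p in EXECUTABLE_EXT]
    if hits:
        kind = "executable-extension" if parts[-1] in EXECUTABLE_EXT else "double-extension"
        reasons.append(f"{kind}:{hits[0]}")
    with open(path, "rb") as fh:
        head = fh.read(65536)     # the first 64 KiB is enough to spot an embedded script
    if CODE_MARKER.search(head):
        reasons.append("server-side-code-marker")
    return reasons


def scan_upload_dir(root):
    """Walk `root` and return {relative_path: [reasons]} for every suspicious file."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            try:
                reasons = classify(full)
            except OSError as exc:
                reasons = [f"unreadable:{exc.errno}"]
            if reasons:
                findings[os.path.relpath(full, root)] = reasons
    return findings


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, why in sorted(scan_upload_dir(root).items()):
        print(f"{rel}\t{','.join(why)}")
```

Run it against the CMS upload directory on a schedule and alert on any output; a clean image or document directory should produce none.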
