CVE-2020-28072

7.2 HIGH

📋 TL;DR

CVE-2020-28072 is a remote code execution vulnerability in SourceCodester Alumni Management System 1.0. Authenticated attackers can upload malicious files via gallery.php and execute arbitrary code on the server. This affects all installations of version 1.0 of this software.

💻 Affected Systems

Products:
  • SourceCodester Alumni Management System
Versions: 1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access to the gallery.php page.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise allowing the attacker to execute arbitrary commands, steal data, install backdoors, pivot to other systems, and maintain persistent access.

🟠 Likely Case

Webshell installation leading to data theft, defacement, or use as part of a botnet.

🟢 If Mitigated

Limited impact with proper file upload restrictions and web application firewalls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit code is publicly available on Packet Storm Security. Attack requires valid user credentials.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Restrict File Uploads

Platform: all

Implement strict file upload validation including file type checking, size limits, and renaming uploaded files.
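The checks listed above (extension allowlist, content/type verification, size limit, renaming), as an added example in Python that is not part of the original page or of the Alumni Management System code. The allowed types, the size limit and the magic-byte signatures are this example's own assumed policy values:

```python
import os
import secrets

# Assumed policy: only image uploads, identified by extension AND by the
# file's leading bytes (magic numbers), so a PHP file renamed to .jpg is rejected.
ALLOWED_SIGNATURES = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "gif": b"GIF8",
}
MAX_BYTES = 2 * 1024 * 1024  # assumed 2 MiB ceiling


def validate_upload(original_name: str, data: bytes):
    """Return (True, safe_storage_name) or (False, rejection_reason).

    The storage name is random and carries only the validated extension,
    so the client-supplied name never reaches the filesystem.
    """
    if len(data) == 0 or len(data) > MAX_BYTES:
        return False, "size out of range"

    base = os.path.basename(original_name)
    if "\x00" in base:
        return False, "null byte in filename"

    # Exactly one extension: rejects "shell.php.jpg" and extensionless names.
    parts = base.lower().split(".")
    if len(parts) != 2 or not parts[0]:
        return False, "missing or multiple extensions"
    ext = "jpg" if parts[1] == "jpeg" else parts[1]

    if ext not in ALLOWED_SIGNATURES:
        return False, f"extension .{ext} not allowed"
    if not data.startswith(ALLOWED_SIGNATURES[ext]):
        return False, "content does not match extension"

    return True, f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    # Constructed sample inputs
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 64
    print(validate_upload("photo.png", png))
    print(validate_upload("photo.php", b"<?php echo 1; ?>"))
    print(validate_upload("photo.jpg", b"<?php echo 1; ?>"))
```

Storing the returned name in a directory the web server is configured not to execute scripts from (for example with PHP disabled for that path) is the complementary server-side control; the validator alone only keeps non-image content out.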

Disable gallery.php

Platform: linux

Temporarily disable or restrict access to the vulnerable gallery.php page.

# Either rename the script out of the web root's executable namespace...
mv gallery.php gallery.php.disabled
# ...or, if the file must stay in place, remove all permissions so the web server cannot read or execute it
chmod 000 gallery.php

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block malicious file uploads
  • Restrict network access to the application and implement strict authentication controls

🔍 How to Verify

Check if Vulnerable:

Check if gallery.php exists and allows file uploads without proper validation. Test with harmless file upload attempts.

Check Version:

Check application version in admin panel or configuration files.

Verify Fix Applied:

Attempt to upload a malicious file and verify it's blocked or properly sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to gallery.php
  • POST requests with file uploads to gallery.php
  • Execution of unexpected PHP files

Network Indicators:

  • HTTP POST requests to gallery.php with file uploads
  • Unusual outbound connections from web server

SIEM Query:

source="web_logs" AND ((uri="/gallery.php" AND method="POST" AND size>100000) OR (process="php" AND parent="web_server" AND cmdline="*malicious*"))
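The log and network indicators above, turned into a small detector run over constructed web-server log lines. This is an added example, not part of the original page or of any vendor tooling; the combined-log format, the upload directory paths and the sample entries are assumptions of this example:

```python
import re

# Apache/nginx "combined" access log layout (assumed for this example)
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\d+|-)'
)

# Assumed locations where the gallery stores uploaded files; adjust to the deployment
UPLOAD_DIRS = ("/uploads/", "/images/", "/gallery/")


def parse_line(line: str):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def detect(lines):
    """Return a list of alert dicts for the two indicators on this page:
    POST uploads to gallery.php, and PHP files served from an upload directory.
    A PHP hit from an IP that previously posted to gallery.php is rated high."""
    alerts = []
    uploaders = set()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["path"].split("?", 1)[0].lower()
        if rec["method"] == "POST" and path.endswith("/gallery.php"):
            uploaders.add(rec["ip"])
            alerts.append({"rule": "upload_to_gallery", "ip": rec["ip"],
                           "path": path, "ts": rec["ts"], "severity": "medium"})
        elif path.endswith(".php") and path.startswith(UPLOAD_DIRS) and rec["status"] == "200":
            alerts.append({"rule": "php_served_from_upload_dir", "ip": rec["ip"],
                           "path": path, "ts": rec["ts"],
                           "severity": "high" if rec["ip"] in uploaders else "medium"})
    return alerts


# Constructed sample log lines (not real traffic)
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Mar/2021:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5123',
    '10.0.0.5 - - [10/Mar/2021:10:01:30 +0000] "POST /gallery.php HTTP/1.1" 302 0',
    '10.0.0.5 - - [10/Mar/2021:10:01:45 +0000] "GET /uploads/1615370490.php HTTP/1.1" 200 87',
    '10.0.0.9 - - [10/Mar/2021:10:02:00 +0000] "GET /uploads/photo1.jpg HTTP/1.1" 200 40211',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Legitimate administrators also POST to gallery.php, so the first rule is a medium-severity audit event; the correlation with a later request for a .php file under the upload path is what separates an ordinary image upload from a webshell being fetched.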
