CVE-2023-27235

7.2 HIGH

📋 TL;DR

This vulnerability allows attackers to upload malicious .phtml files to Jizhicms administration panels, leading to remote code execution. Any organization running Jizhicms v2.4.5 with the vulnerable component is affected. Attackers can gain full control of affected web servers.

💻 Affected Systems

Products:
  • Jizhicms
Versions: v2.4.5
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires access to admin panel, but authentication bypass may be possible through other vulnerabilities.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server compromise allowing data theft, lateral movement, ransomware deployment, and persistent backdoor installation.

🟠 Likely Case

Webshell deployment leading to data exfiltration, defacement, and further exploitation of internal systems.

🟢 If Mitigated

Limited impact with proper file upload restrictions and web application firewalls blocking malicious uploads.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin access or authentication bypass. Public proof-of-concept available in GitHub issues.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.4.6 or later

Vendor Advisory: https://github.com/Cherry-toto/jizhicms/issues/85

Restart Required: No

Instructions:

1. Backup current installation.
2. Download latest version from official repository.
3. Replace vulnerable files.
4. Verify file upload restrictions are properly implemented.

🔧 Temporary Workarounds

File Upload Restriction (applies to: all)

Restrict file uploads to specific extensions and implement server-side validation. Modify \admin\c\CommonController.php to validate file extensions before upload.

Web Application Firewall (applies to: all)

Deploy WAF rules to block .phtml file uploads and suspicious admin panel requests.
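The workaround above asks for server-side extension validation before upload. The following is an added illustration of that check in Python, written for this page rather than taken from Jizhicms (whose controller is PHP): it accepts only an allowlisted final extension, refuses any name that carries an executable extension in any position (so `shell.phtml.jpg` is rejected as well as `shell.phtml`), strips client-supplied directory components and NUL bytes, and replaces the client's filename with a random server-side name. The extension sets are assumptions for the example and should be trimmed to what the deployment actually needs.

```python
import secrets

# Extensions a PHP host may execute. A name carrying any of these in any
# position is refused, which also covers "shell.phtml.jpg"-style names on
# servers that match handlers against every extension in the filename.
# (Assumed set for this example; extend it for your server configuration.)
EXECUTABLE_EXTENSIONS = {"php", "phtml", "php3", "php4", "php5", "php7", "phar", "phps", "pht"}

# Allowlist of what the upload feature legitimately needs (assumed set).
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "webp", "pdf"}


def validate_upload_name(original_name):
    """Return (accepted, detail).

    On rejection, detail is the reason. On acceptance, detail is a random
    server-side filename keeping only the validated extension, so the
    client-chosen name is never written to disk.
    """
    name = original_name.strip()
    if not name or "\x00" in name:
        return False, "empty name or embedded NUL byte"

    # Drop any directory components a client might try to smuggle in.
    base = name.replace("\\", "/").split("/")[-1]

    # Compare case-insensitively: "Shell.PHTML" must fail like "shell.phtml".
    parts = base.lower().split(".")
    if len(parts) < 2 or parts[-1] == "":
        return False, "no usable extension"

    # Every segment after the first is treated as an extension candidate.
    segments = parts[1:]
    if any(seg in EXECUTABLE_EXTENSIONS for seg in segments):
        return False, "executable extension present in filename"

    final_ext = parts[-1]
    if final_ext not in ALLOWED_EXTENSIONS:
        return False, "extension .%s not allowed" % final_ext

    # Random name: no user-controlled bytes reach the filesystem.
    return True, "%s.%s" % (secrets.token_hex(16), final_ext)


if __name__ == "__main__":
    for candidate in ("photo.jpg", "shell.phtml", "Shell.PHTML",
                      "shell.phtml.jpg", "../../shell.php", ".htaccess"):
        print(candidate, "->", validate_upload_name(candidate))
```

The extension check is only one layer: the upload directory should additionally be served with script execution disabled (or kept outside the web root), so that a validation bypass does not immediately become code execution.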

🧯 If You Can't Patch

  • Disable file upload functionality in admin panel completely
  • Implement strict network segmentation and isolate Jizhicms from critical systems

🔍 How to Verify

Check if Vulnerable:

Check if running Jizhicms v2.4.5 and examine \admin\c\CommonController.php for file upload validation

Check Version:

Check Jizhicms configuration files or admin panel for version information

Verify Fix Applied:

Verify the version is v2.4.6 or later and test that an upload with a .phtml extension is rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual .phtml file uploads to admin panel
  • Multiple failed upload attempts
  • Successful uploads with unusual file names

Network Indicators:

  • POST requests to \admin\c\CommonController.php with file uploads
  • Subsequent requests to uploaded .phtml files

SIEM Query:

source="web_logs" AND (uri="/admin/c/CommonController.php" AND method="POST" AND file_extension=".phtml")
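The log and network indicators above can be checked outside a SIEM as well. The following is an added Python example, not part of this advisory, that parses web server access log lines in common/combined log format and raises two kinds of alert: any request for a `.phtml` path, and a POST to the upload endpoint named in the SIEM query followed within five minutes by a request from the same client for a script file under the upload directory. The sample log lines are constructed for the example, and the `/uploads/` prefix is an assumption to be replaced with the real upload path.

```python
import re
from datetime import datetime, timedelta

# Endpoint taken from the advisory's SIEM query. The upload directory prefix
# is an assumption for this example; set it to the deployment's real path.
UPLOAD_ENDPOINT = "/admin/c/CommonController.php"
UPLOAD_DIR_PREFIX = "/uploads/"
SCRIPT_EXTENSIONS = (".phtml", ".php", ".phar")

# Common/combined log format: ip ident user [ts] "METHOD path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample: the first client uploads and then fetches a .phtml file,
# the second uploads a legitimate image.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2023:10:02:11 +0000] "POST /admin/c/CommonController.php HTTP/1.1" 200 154 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2023:10:02:19 +0000] "GET /uploads/2023/03/x.phtml HTTP/1.1" 200 88 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Mar/2023:10:05:02 +0000] "GET /index.php HTTP/1.1" 200 2034 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Mar/2023:10:05:40 +0000] "POST /admin/c/CommonController.php HTTP/1.1" 200 154 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Mar/2023:10:06:01 +0000] "GET /uploads/2023/03/logo.png HTTP/1.1" 200 4410 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Parse one access log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["path"] = rec["path"].split("?", 1)[0]  # ignore the query string
    rec["status"] = int(rec["status"])
    return rec


def detect(log_text, window=timedelta(minutes=5)):
    """Return a list of alert dicts for the indicators described in the advisory."""
    alerts = []
    last_upload = {}  # client ip -> timestamp of its most recent upload POST
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ip, path, ts = rec["ip"], rec["path"], rec["ts"]
        lower = path.lower()

        if rec["method"] == "POST" and path == UPLOAD_ENDPOINT:
            last_upload[ip] = ts
            continue

        # Indicator: any request for a .phtml file.
        if lower.endswith(".phtml"):
            alerts.append({"rule": "phtml_request", "ip": ip, "path": path, "ts": ts})

        # Indicator: upload POST followed by a request for a script under the
        # upload directory from the same client within the window.
        if (lower.startswith(UPLOAD_DIR_PREFIX) and lower.endswith(SCRIPT_EXTENSIONS)
                and ip in last_upload and ts - last_upload[ip] <= window):
            alerts.append({"rule": "upload_then_script", "ip": ip, "path": path, "ts": ts})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert["rule"], alert["ip"], alert["path"], alert["ts"].isoformat())
```

Run against real logs, the first rule is noisy only if the site legitimately serves `.phtml` pages; the second rule is the stronger signal because a successful upload followed by a fetch of a script from the upload path is the sequence a webshell deployment produces.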
