CVE-2006-4558
DeluxeBB < 1.06 - Remote Code Execution via Double Extension File Upload
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-4558. PoCs published by rgod.
AI-analyzed exploit summary: This exploit targets DeluxeBB <= v1.06 by uploading a malicious PHP file disguised as an attachment with a double extension (e.g., .php.php.rar). The exploit leverages Apache's mod_mime to execute the uploaded PHP code, achieving remote command execution (RCE).
Description
DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
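The description above turns on mod_mime considering every extension in a file name, not only the last one. The following is an added example, not DeluxeBB or exploit code: a sketch of an upload-name check and an attachment-directory audit built on that rule. The extension sets, function names and sample file names are assumptions made for illustration.

```python
import re

# Assumption: extensions this server maps to the PHP handler (site-specific).
PHP_HANDLER_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar"}
# Assumption: attachment types the forum intends to accept.
ALLOWED_FINAL_EXTS = {"rar", "zip", "txt", "png", "jpg", "gif"}


def extensions(filename):
    """Every dot-separated part after the base name, as mod_mime considers them."""
    base = re.split(r"[\\/]", filename)[-1].lower()
    return [part for part in base.split(".")[1:] if part]


def last_extension_check(filename):
    """Hypothetical weak filter: looks only at the final extension."""
    exts = extensions(filename)
    return bool(exts) and exts[-1] in ALLOWED_FINAL_EXTS


def strict_check(filename):
    """Final extension must be allowed and no extension may map to PHP."""
    exts = extensions(filename)
    if not exts or exts[-1] not in ALLOWED_FINAL_EXTS:
        return False
    return not any(ext in PHP_HANDLER_EXTS for ext in exts)


def stored_name(filename, token):
    """Store under a server-chosen name that keeps one allowed extension."""
    if not strict_check(filename):
        raise ValueError("rejected upload name: %r" % filename)
    return "%s.%s" % (token, extensions(filename)[-1])


def audit(filenames):
    """Names already on disk that a PHP handler mapping could execute."""
    return [n for n in filenames
            if any(ext in PHP_HANDLER_EXTS for ext in extensions(n))]


if __name__ == "__main__":
    # Constructed sample names; the double-extension form is the one the page cites.
    for name in ["backup.rar", "notes.php.php.rar", "photo.PHP.jpg"]:
        print(name, last_extension_check(name), strict_check(name))
```

Name checks of this kind complement, and do not replace, serving the attachment directory with PHP handling disabled.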