CVE-2017-15054

HIGH

TeamPass < 2.1.27.9 - Authenticated Arbitrary File Upload and Remote Code Execution via upload.files.php

Title source: llm

Description

An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability, an authenticated attacker has to tamper with parameters of a request to upload.files.php, in order to select the correct branch and be able to upload any arbitrary file. From there, it can simply access the file to execute code on the server.

References (2)

Core 2

Core References

Exploit, Technical Description, Third Party Advisory x_refsource_misc

http://blog.amossys.fr/teampass-multiple-cve-01.html

Patch x_refsource_misc

https://github.com/nilsteampassnet/TeamPass/commit/9811c9d453da4bd1101ff7033250d1fbedf101fc

View Patch ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0350

EPSS Percentile 87.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-434

Status published

Products (2)

nilsteampassnet/teampass 0 - 2.1.27.9Packagist

teampass/teampass < 2.1.27.9

Published Nov 27, 2017

Tracked Since Feb 18, 2026