CVE-2018-12941
HIGHSeedDMS < 5.1.8 - Authenticated Remote Code Execution via Cache Directory Path Manipulation
Title source: llmDescription
This vulnerability allows remote attackers to execute arbitrary code in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 by adding a system command at the end of the "cacheDir" path and following usage of the "Clear Cache" functionality. This allows an authenticated attacker, with permission to the Settings functionality, to inject arbitrary system commands within the application by manipulating the "Cache directory" path. An attacker can use it to perform malicious tasks such as to extract, change, or delete sensitive information or run system commands on the underlying operating system.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://www.contextis.com/resources/advisories/cve-2018-12941
Third Party Advisory x_refsource_confirm
https://sourceforge.net/p/seeddms/code/ci/seeddms-5.1.x/tree/CHANGELOG
Scores
CVSS v3
8.8
EPSS
0.0358
EPSS Percentile
88.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
seeddms/seeddms
< 5.1.8
Published
Jul 31, 2018
Tracked Since
Feb 18, 2026