CVE-2019-12102

CRITICAL

Kentico 11-12 - Info Disclosure

Title source: llm

Description

Kentico 11 through 12 lets attackers upload and explore files without authentication via the cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabs_media.aspx URI. NOTE: The vendor disputes the report because the researcher did not configure the media library permissions correctly. The vendor states that by default all users can read/modify/upload files, and it is up to the administrator to decide who should have access to the media library and set the permissions accordingly. See the vendor documentation in the references for more information.
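Because the vendor's position is that exposure depends on how an administrator configured media library permissions, the useful check for a given deployment is whether that endpoint actually answers an anonymous request. The script below is an added example written for this page; it is not code from Kentico, from the CVE entry, or from the PoC repositories listed under Exploits. It assumes, beyond what the description states, that an anonymous request Kentico rejects is redirected to a login page whose URL contains "logon" or "login", and that a 200 response carrying an HTML form means the selector rendered for the anonymous user; both heuristics are marked as assumptions in the code. Only the URI path comes from the description.

```python
"""Unauthenticated reachability check for the Kentico media-library selector
endpoint named in CVE-2019-12102.

Added example, not code from the page, the vendor, or the listed PoC repos.
Assumed (not stated on the page): an anonymous request the site rejects is
redirected to a login URL containing "logon" or "login"; a 200 with an HTML
form means the selector rendered for an anonymous user and the instance's
media library permissions should be reviewed against vendor guidance.
"""
import sys
import urllib.error
import urllib.request

# Path taken from the CVE description.
TABS_MEDIA_PATH = ("cmsmodules/medialibrary/formcontrols/liveselectors/"
                   "insertimageormedia/tabs_media.aspx")


def build_check_url(base_url: str) -> str:
    """Join the site root to the endpoint path, tolerating a trailing slash."""
    return base_url.rstrip("/") + "/" + TABS_MEDIA_PATH


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib from following redirects so the first hop is observable."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def classify(status: int, headers: dict, body: bytes) -> str:
    """Map the first anonymous response to a verdict.

    Login-page detection is an assumed heuristic: a 3xx whose Location
    contains "logon" or "login" (case-insensitive) counts as login-required.
    """
    location = ""
    for name, value in headers.items():
        if name.lower() == "location":
            location = value
    if status in (301, 302, 303, 307, 308):
        if "logon" in location.lower() or "login" in location.lower():
            return "login-required"
        return "redirected"
    if status in (401, 403):
        return "access-denied"
    if status == 404:
        return "not-found"
    if status == 200:
        # Assumed heuristic: an HTML form in the body means the media selector
        # rendered for the anonymous user; a bare 200 still deserves a look.
        if b"<form" in body.lower():
            return "reachable-unauthenticated"
        return "inconclusive"
    return "inconclusive"


def check(base_url: str, timeout: float = 10.0) -> str:
    """Fetch the endpoint with no cookies and classify the first response."""
    url = build_check_url(base_url)
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(
        url, headers={"User-Agent": "cve-2019-12102-check"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            return classify(resp.status, dict(resp.headers), resp.read(65536))
    except urllib.error.HTTPError as err:
        # Non-2xx responses, including the un-followed 3xx, arrive here.
        return classify(err.code, dict(err.headers), err.read(65536))


if __name__ == "__main__":
    # Hypothetical target; only run against instances you are authorized to test.
    target = sys.argv[1] if len(sys.argv) > 1 else "https://kentico.example/"
    print(target, check(target))
```

A "reachable-unauthenticated" verdict is a reason to review the media library's role permissions, not proof of a vendor defect: per the vendor statement above, the default allows all users to read, modify and upload, and the administrator is expected to restrict it. A "login-required" or "access-denied" verdict indicates the instance has been locked down for anonymous users on this path.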

Exploits (2)

nomisec SCANNER
by Egi08 · poc
https://github.com/Egi08/CVE-2019-12102-Scanner
github NO CODE
by Gr4y21 · poc
https://github.com/Gr4y21/My-CVE-IDs/tree/master/CVE-2019-12102

Scores

CVSS v3 9.1
EPSS 0.0012
EPSS Percentile 31.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE
CWE-732 Incorrect Permission Assignment for Critical Resource
Status published
Products (1)
kentico/xperience 11.0.0 - 12.0
Published May 22, 2019
Tracked Since Feb 18, 2026