CVE-2019-15813

HIGH

Sentrifugo 3.2 - Authenticated Arbitrary File Upload via Restriction Bypass

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2019-15813. PoCs published by Gurkirat Singh, creosote, wolf1892.

AI-analyzed exploit summary This exploit bypasses file upload restrictions in Sentrifugo 3.2 by authenticating and uploading a malicious PHP file, then executing commands via a web shell. It demonstrates a clear RCE vulnerability.

Description

Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.

Exploits (3)

exploitdb WORKING POC

by Gurkirat Singh · pythonwebappsphp

https://www.exploit-db.com/exploits/48955

View Code ZIP pw:eip

This exploit bypasses file upload restrictions in Sentrifugo 3.2 by authenticating and uploading a malicious PHP file, then executing commands via a web shell. It demonstrates a clear RCE vulnerability.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Sentrifugo 3.2

Auth required

Prerequisites: Valid credentials for Sentrifugo · Network access to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

by creosote · textwebappsphp

https://www.exploit-db.com/exploits/47323

View Code ZIP pw:eip

This exploit demonstrates a file upload restriction bypass in Sentrifugo 3.2, allowing authenticated users to upload malicious PHP files by manipulating the 'filename' and 'Content-Type' fields in a multipart form request, leading to remote code execution (RCE).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Sentrifugo 3.2

Auth required

Prerequisites: Authenticated access to Sentrifugo · Ability to intercept and modify HTTP requests

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec SUSPICIOUS 1 stars

by wolf1892 · poc

https://github.com/wolf1892/CVE-2019-15813

View Code ZIP pw:eip

The repository lacks functional exploit code and instead provides default credentials and a reference to an external archive (resume.zip) for a reverse PHP shell, which is a common tactic for distributing malware or fake exploits.

Classification

Suspicious 90%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: Sentrifugo V3.2

Auth required

Prerequisites: access to the target system · default credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/47323

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/159712/Sentrifugo-3.2-Shell-Upload-Restriction-Bypass.html

Scores

CVSS v3 8.8

EPSS 0.3324

EPSS Percentile 98.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-434

Status published

Products (1)

sentrifugo/sentrifugo 3.2

Published Sep 04, 2019

Tracked Since Feb 18, 2026