CVE-2020-14209

HIGH

Dolibarr < 11.0.5 - Unrestricted File Upload

Title source: rule

Description

Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arbitrary code execution. This occurs because .pht and .phar files can be uploaded. Also, a .htaccess file can be uploaded to reconfigure access control (e.g., to let .noexe files be executed as PHP code to defeat the .noexe protection mechanism).

Exploits (1)

exploitdb WORKING POC
by Andrea Gonzalez · python · webapps · php
https://www.exploit-db.com/exploits/49711

Scores

CVSS v3 8.8
EPSS 0.1017
EPSS Percentile 93.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (2)
dolibarr/dolibarr < 11.0.5
dolibarr/dolibarr 0 - 11.0.5 (Packagist)
Published Sep 02, 2020
Tracked Since Feb 18, 2026