CVE-2023-39424
CRITICAL
ResortData IRM Next Gen - Authenticated Arbitrary File Upload & RCE via RDPngFileUpload.dll
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. Exploiting this vulnerability requires authentication, but it can be paired with another vulnerability in the platform (CVE-2023-39420, which grants access to hardcoded credentials) to carry out the attack without having been assigned credentials.
Scores
CVSS v3: 9.9
EPSS: 0.0074
EPSS Percentile: 49.8%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details
CWE: CWE-434, CWE-74
Status: published
Products (1): resortdata/internet_reservation_module_next_generation 5.3.2.15
Published: Sep 07, 2023
Tracked Since: Feb 18, 2026