CVE-2019-12169 : ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in

ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a ".." pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component.

Published 2019-06-03 20:29:01

Updated 2022-04-22 20:11:08

Source MITRE

View at NVD, CVE.org

Vulnerability category: Directory traversalExecute code

Products affected by CVE-2019-12169

Atutor » Atutor
Versions from including (>=) 2.2.1 and up to, including, (<=) 2.2.4
cpe:2.3:a:atutor:atutor:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-12169

EPSS FAQ

89.17%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 100 %

Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2019-12169

ATutor 2.2.4 - Directory Traversal / Remote Code Execution,

Disclosure Date: 2019-05-17

First seen: 2020-06-30

exploit/multi/http/atutor_upload_traversal

This module exploits an arbitrary file upload vulnerability together with a directory traversal flaw in ATutor versions 2.2.4, 2.2.2 and 2.2.1 in order to execute arbitrary commands. It first creates a zip archive containing a malicious PHP file. The zip

More information

CVSS scores for CVE-2019-12169

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-12169

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-12169

http://incidentsecurity.com/atutor-2-2-4-language_import-arbitrary-file-upload-rce/

ATutor 2.2.4 'language_import' Arbitrary File Upload / RCE (CVE-2019-12169) » Incident Security
Exploit;Third Party Advisory
https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit

GitHub - fuzzlove/ATutor-2.2.4-Language-Exploit: ATutor 2.2.4 Arbitrary File Upload / RCE (CVE-2019-12169)
Exploit;Third Party Advisory
http://packetstormsecurity.com/files/158246/ATutor-2.2.4-Directory-Traversal-Remote-Code-Execution.html

ATutor 2.2.4 Directory Traversal / Remote Code Execution ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry
https://github.com/fuzzlove

fuzzlove (Joseph McPeters) · GitHub
Third Party Advisory
http://packetstormsecurity.com/files/153870/ATutor-2.2.4-Arbitrary-File-Upload-Command-Execution.html

ATutor 2.2.4 Arbitrary File Upload / Command Execution ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry

Jump to