Skip to content

File Download Vulnerability in DEXT5Upload 2.7.1262310 by xcuter

The Best Web Vulnerability Scanner is Web Security Checker edited this page Dec 6, 2020 · 4 revisions

1. Summary

  • DEXT5Upload is a web component that can transfer large files.
  • DEXT5Upload 2.7.1262310 and earlier versions contains a vulnerability that could allow remote files to be downloaded.
  • Vulnerabilities in downloading with dext5handler.jsp allow files to be downloaded due to insufficient verification of download paths.

2. Payloads

  • dext5CMD --> downloadRequest
  • fileVirtualPath --> as you know..
  • fileOrgName --> (secret)
  • and some...

3. Proof

  • GET/POST Request to download

  • Contents of the downloaded file

4. How to find this vulnerability?

  • The "Web Security Checker" automatically diagnoses vulnerabilities in web services. It can diagnose the following vulnerabilities : SQL Injection, XSS, LFI, RFI, SSRF, File Upload, File Download, XXE, Command Injection, File Management, Direcroty Listing, Source Code Disclosure, URL Redirection, Insecure SSL/TLS, Mixed Content, Information Disclosure, HTTP Request Smuggling, SSI Injection, Insufficient Authorization, Personal Information Exposure, Specific Vulnerabilities(ShellShock, Dext5, CVEs, etc..)

  • https://www.ncloud.com/product/security/webSecurityChecker

5. Discoverer

#WebVulnberabilityScanner #웹취약점스캐너 #웹보안취약점 #웹해킹 #WebHacking