CVE-2012-1010
Published 2012-02-07
CVE-2012-1010: Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP…
Priority: P2 · 60 · high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit: available
EPSS: 9.52% (94.8th percentile)
Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory.
Affected (22 ranges)

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| likno | allwebmenus_plugin | <= 1.1.7 | — |
Detection & IOCs (extracted from sources)

URL: wp-admin/options-general.php?page=allwebmenus-wordpress-menu-plugin/allwebmenus-wordpress-menu.php

- Detect ZIP file upload requests to actions.php in the AllWebMenus WordPress plugin; a ZIP containing a PHP file is the exploit delivery mechanism.
- Monitor HTTP requests where the Referer header is set to 'wp-admin/options-general.php?page=allwebmenus-wordpress-menu-plugin/allwebmenus-wordpress-menu.php' combined with a file upload action; this is the spoofed referrer required by the exploit.
- Alert on unauthenticated or low-privilege POST requests to actions.php within the AllWebMenus plugin path, particularly those uploading files named awm.zip.
- Version 1.1.8 added a Referer check as a partial mitigation, but it can be bypassed by spoofing the HTTP_REFERER header; patching to >=1.1.8 alone is insufficient if the upload endpoint remains exposed.
GHSA

GHSA-4m7w-g6rc-g3w7 (ghsa_unreviewed · 2022-05-17): CVE-2012-1010 [HIGH] CWE-20
Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory.
Cisco

CVE-2012-0352: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability (vendor_cisco)
Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause Cisco Nexus 1000v, 1010, 5000, and 7000 Series Switches, and the Cisco Virtual Security Gateway (VSG) for Nexus 1000V Series Switches, that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120215-nxos
Bug IDs: CSCti23447, CSCti49507, CSCtj01991
No detection rules found.
No writeups or analysis indexed.
References

- http://archives.neohapsis.com/archives/bugtraq/2012-01/0137.html
- http://secunia.com/advisories/47659
- http://wordpress.org/extend/plugins/allwebmenus-wordpress-menu-plugin/changelog/
- http://www.exploit-db.com/exploits/18407
- http://www.securityfocus.com/bid/51615
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72640