Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-43617: Unrestricted File Upload in php-laravel-framework

Severity: 9.8 CRITICAL (NVD)
EPSS: 52.8% (top 2.05%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Nov 14; latest update Nov 16

Description

Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (Exploitability: 3.9 | Impact: 5.9)

Affected Packages (3 packages)

Debian: debian/php-laravel-framework < php-laravel-framework 6.20.14+dfsg-3 (bookworm)
NVD: laravel/framework 8.70.2
Packagist: laravel/framework 8.70.2

Patches

Vulnerability Details (2)

GHSA: Withdrawn: Laravel Framework does not sufficiently block the upload of executable PHP content. (2021-11-16)
OSV: CVE-2021-43617: Laravel Framework through 8 (2021-11-14)

Exploits & PoCs (1)

Exploit-DB: PHP Laravel 8.70.1 - Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF) (2021-11-15)

Vendor Advisories (1)

Debian: CVE-2021-43617: php-laravel-framework - Laravel Framework through 8.70.2 does not sufficiently block the upload of execu... (2021)
CVE-2021-43617 — Unrestricted File Upload | cvebase