Zero-day vulnerability in MoinMoin

Arbitrary file upload

The vulnerability was exploited to compromise Debian's wiki and the Python documentation website in December 2012. The exploitation method used was based on an exploit published on Pastebin.

Vulnerability details

Advisory: SB2012072501 - Arbitrary file upload in MoinMoin

Vulnerable component: MoinMoin

CVE-ID: CVE-2012-6081

CVSSv3 vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C

CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type


The vulnerability allows a remote authenticated attacker to compromise the system.

The weakness exists due to insufficient validation of the filename extension when uploading files through the twikidraw and anywikidraw actions (under action/). A remote authenticated attacker with write permissions can upload a file with an executable extension and have it executed on the server.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
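The weakness is a CWE-434 pattern: the upload handler trusts the client-supplied filename extension. The following added example is not MoinMoin's code; it contrasts a deny-list check of the kind that lets unexpected executable extensions through with an allow-list check that also strips directory components and normalizes case. The allowed and denied extension sets are constructed assumptions for a drawing-upload handler.

```python
import os
import posixpath
from typing import Optional

# Constructed allow-list (assumption: a drawing-upload handler only needs
# image and drawing formats, so nothing else should ever be written to disk).
ALLOWED_EXTENSIONS = frozenset({".png", ".svg", ".gif", ".jpg", ".jpeg", ".draw"})

# Hypothetical deny-list, used only to show why deny-listing alone is weak.
DENIED_EXTENSIONS = frozenset({".py", ".php", ".cgi"})


def weak_check(filename: str) -> bool:
    """Deny-list check: anything not explicitly denied is accepted.

    Any executable extension the list forgets (e.g. ".pl") slips through,
    and the directory part of the name is never examined.
    """
    ext = os.path.splitext(filename)[1].lower()
    return ext not in DENIED_EXTENSIONS


def safe_upload_name(filename: str) -> Optional[str]:
    """Return a sanitized basename if the upload is acceptable, else None.

    - rejects empty names and names containing a NUL byte
    - strips any directory components (defeats ../ and absolute paths)
    - requires a non-empty stem and an extension on the allow-list,
      compared case-insensitively
    """
    if not filename or "\x00" in filename:
        return None
    # Treat Windows separators like POSIX ones before taking the basename.
    base = posixpath.basename(filename.replace("\\", "/"))
    if base in ("", ".", ".."):
        return None
    stem, ext = os.path.splitext(base)
    if not stem or ext.lower() not in ALLOWED_EXTENSIONS:
        return None
    return stem + ext.lower()


if __name__ == "__main__":
    # Constructed sample filenames an upload handler might receive.
    for name in ["drawing.PNG", "evil.py", "shell.pl", "../../etc/x.png", "a.png.py"]:
        print(f"{name!r}: weak_check={weak_check(name)} safe={safe_upload_name(name)!r}")
```

Only the last extension of the basename is compared, so a double extension such as `a.png.py` is rejected because its final extension is not on the allow-list; the server's MIME mapping should likewise be driven by the sanitized name, not the original.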

Note: the vulnerability was being actively exploited.

Public Exploits: