The vulnerability is publicly known since at least 2015.
Vulnerable component: jQuery File Upload
CVSSv3 score: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists in the plugin's source code that handles file uploads to PHP servers due to software allows upload of arbitrary files to the system. A remote unauthenticated attacker can upload arbitrary .htaccess file to impose security restrictions to its upload folder and upload backdoors and web shells.
Latest references in media:
- A jQuery plugin has been exploitable for 8 years [2018-10-24 04:01:10]
- Thousands of Applications Vulnerable to RCE via jQuery File Upload [2018-10-23 14:40:09]
- jQuery? More like prayQuery: File upload tool can be exploited to hijack at-risk websites [2018-10-23 01:20:01]
- Popular website plugin harboured a serious 0-day for years [2018-10-22 14:31:30]
- Popular website plugin harboured a serious 0-day for years [2018-10-22 14:30:14]
- Thousands of applications affected by a zero-day issue in jQuery File Upload plugin [2018-10-20 10:40:07]
- 0-Day in jQuery Plugin Impacts Thousands of Applications [2018-10-19 20:20:11]
- jQuery File Upload Plugin Vulnerable for 8 Years and Only Hackers Knew [2018-10-19 16:52:23]
- Zero-day in popular jQuery plugin actively exploited for at least three years | ZDNet [2018-10-19 04:20:24]
- Apache Access Vulnerability Could Affect Thousands of Applications [2018-10-18 17:10:08]
Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.