CVE-2015-6589
Kaseya Virtual System Administrator Authenticated Remote File Upload Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8..0.0.0 before 8.0.0.23, 9.0.0.0 before 9.0.0.19, and 9.1.0.0 before 9.1.0.9 allows remote authenticated users to write to and execute arbitrary files due to insufficient restrictions in file paths to json.ashx.
La vulnerabilidad de Salto de Directorio en Kaseya Virtual System Administrator (VSA) versiones 7.0.0.0 anteriores a 7.0.0.33, versiones 8..0.0.0 anteriores a 8.0.0.23, versiones 9.0.0.0 anteriores a 9.0.0.19 y versiones 9.1.0.0 anteriores a 9.1.0.9, permite a usuarios autenticados remotos escribir y ejecutar archivos arbitrarios debido a restricciones insuficientes en las rutas de archivos en el archivo json.ashx.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Kaseya Virtual System Administrator. Authentication is required to exploit this vulnerability.
The specific flaw exists within the json.ashx HTTP handler, which does not restrict destination file paths. Attackers can leverage this vulnerability to upload and execute arbitrary code on the server under the context of IIS.
Kaseya Virtual System Administrator suffers from multiple code execution vulnerabilities and a privilege escalation vulnerability. VSA versions 7.0.0.0 through 7.0.0.32, 8.0.0.0 through 8.0.0.22, 9.0.0.0 through 9.0.0.18, and 9.1.0.0 through 9.1.0.8 are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-08-21 CVE Reserved
- 2015-09-23 CVE Published
- 2015-09-28 First Exploit
- 2024-08-06 CVE Updated
- 2024-10-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://www.zerodayinitiative.com/advisories/ZDI-15-450 | Third Party Advisory | |
https://www.securityfocus.com/bid/76838 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Kaseya Search vendor "Kaseya" | Virtual System Administrator Search vendor "Kaseya" for product "Virtual System Administrator" | >= 7.0.0.0 < 7.0.0.33 Search vendor "Kaseya" for product "Virtual System Administrator" and version " >= 7.0.0.0 < 7.0.0.33" | - |
Affected
| ||||||
Kaseya Search vendor "Kaseya" | Virtual System Administrator Search vendor "Kaseya" for product "Virtual System Administrator" | >= 8.0.0.0 < 8.0.0.23 Search vendor "Kaseya" for product "Virtual System Administrator" and version " >= 8.0.0.0 < 8.0.0.23" | - |
Affected
| ||||||
Kaseya Search vendor "Kaseya" | Virtual System Administrator Search vendor "Kaseya" for product "Virtual System Administrator" | >= 9.0.0.0 < 9.0.0.19 Search vendor "Kaseya" for product "Virtual System Administrator" and version " >= 9.0.0.0 < 9.0.0.19" | - |
Affected
| ||||||
Kaseya Search vendor "Kaseya" | Virtual System Administrator Search vendor "Kaseya" for product "Virtual System Administrator" | >= 9.1.0.0 < 9.1.0.9 Search vendor "Kaseya" for product "Virtual System Administrator" and version " >= 9.1.0.0 < 9.1.0.9" | - |
Affected
|