CVE-2025-34336
Gravedad CVSS v4.0:
MEDIA
Tipo:
CWE-434
Subida sin restricciones de ficheros de tipos peligrosos
Fecha de publicación:
19/11/2025
Última modificación:
19/11/2025
Descripción
*** Pendiente de traducción *** eGovFramework/egovframe-common-components versions up to and including 4.3.1 contain an unauthenticated file upload vulnerability via the /utl/wed/insertImage.do and /utl/wed/insertImageCk.do image upload endpoints. These controllers accept multipart requests without authentication, pass the uploaded content to a shared upload helper, and store the file on the server under a framework-controlled path. The framework then returns a download URL that can be used to retrieve the uploaded content, including an attacker-controlled Content-Type within the limits of the image upload functionality. While a filename extension whitelist is enforced, the attacker fully controls the file contents. The response MIME type used is also attacker-controlled when the file is served up to version
Impacto
Puntuación base 4.0
6.90
Gravedad 4.0
MEDIA
Referencias a soluciones, herramientas e información
- https://github.com/eGovFramework/egovframe-common-components
- https://pierrekim.github.io/advisories/2025-egovframe.txt
- https://pierrekim.github.io/blog/2025-11-20-egovframe-2-vulnerabilities.html
- https://www.egovframe.go.kr/eng/sub.do?menuNo=2
- https://www.vulncheck.com/advisories/egovframework-unauthenticated-file-upload-via-web-editor-image-upload-endpoints