Umbraco CMS TemplateService update() Function Arbitrary Code Execution Vulnerability
Release date:
Updated on:
Affected Systems:
Umbraco CMS < 6.0.4
Description:
CVE (CAN) ID: CVE-2013-4793
Umbraco is an open source content management system (CMS). It is built on ASP.NET and uses Microsoft SQL Server (MSSQL) to store its data.
Umbraco CMS versions earlier than 6.0.4 contain a vulnerability in the implementation of the TemplateService web service. The update() method accepts a username and password but does not authenticate the caller before writing the supplied template design into the template and saving it. Because templates are server-side ASP.NET markup, a remote attacker can execute arbitrary ASP.NET code by sending a crafted SOAP request. The vulnerability is located in the TemplateService component, umbraco.webservices/templates/templateService.cs. The relevant source code is:
[WebMethod]
public void update(templateCarrier carrier, string username, string password)
{
    ...
    cms.businesslogic.template.Template template;
    try
    {
        template = new cms.businesslogic.template.Template(carrier.Id);
    }
    ...
    // The caller-supplied username and password are never checked before
    // carrier.Design is written into the template and persisted.
    template.Design = carrier.Design;
    template.Save();
<* Source: MWR Labs *>
Suggestion:
Temporary solution:
If you cannot install or upgrade to the patched version immediately, NSFOCUS recommends the following measures to reduce the threat:
* Delete umbraco.webservices.dll, the assembly that processes Web Service requests. Note that this disables every Umbraco web service hosted by that assembly, not only TemplateService.
Or
* Call Authenticate() at the beginning of TemplateService.update(), before any template is loaded or modified.
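To illustrate the second measure, the following is an added example and is not Umbraco's code or the vendor patch. It reduces the Template and templateCarrier types to the fields shown in the advisory, keeps templates in an assumed in-memory store, and uses an assumed Authenticate() helper that throws when the credentials are rejected, so that the vulnerable shape of update() can be compared with the hardened one.

```csharp
// Added example (not Umbraco's code and not the vendor patch): a self-contained
// model of the TemplateService.update() flow showing the missing check and the
// hardened form recommended in the temporary solution. The Template and
// templateCarrier shapes, the in-memory stores and Authenticate() are all
// assumptions made for this illustration.
using System;
using System.Collections.Generic;

public class templateCarrier
{
    public int Id;
    public string Design;   // template markup (ASP.NET master page / view source)
}

public class Template
{
    // Assumed in-memory store standing in for the database-backed templates.
    private static readonly Dictionary<int, string> Store = new Dictionary<int, string>
    {
        { 1, "<%@ Master Language=\"C#\" %>\n<html><body>original</body></html>" }
    };

    public int Id { get; private set; }
    public string Design { get; set; }

    public Template(int id)
    {
        if (!Store.ContainsKey(id))
            throw new ArgumentException("No template with id " + id);
        Id = id;
        Design = Store[id];
    }

    // Persisting Design writes server-side markup that ASP.NET compiles and runs
    // on the next request, which is why control over it is code execution.
    public void Save() { Store[Id] = Design; }

    public static string DesignOf(int id) { return Store[id]; }
}

public class TemplateService
{
    // Assumed credential store; the real service checks backoffice users.
    private static readonly Dictionary<string, string> Users =
        new Dictionary<string, string> { { "admin", "correct horse battery staple" } };

    // Stand-in for the real helper: reject the request unless the caller holds
    // valid credentials. Throwing keeps the caller from ever reaching Save().
    private void Authenticate(string username, string password)
    {
        string expected;
        if (username == null || !Users.TryGetValue(username, out expected) || expected != password)
            throw new UnauthorizedAccessException("TemplateService: authentication failed");
    }

    // Vulnerable shape: the credentials are accepted as parameters but never
    // checked before carrier.Design is written and saved.
    public void updateVulnerable(templateCarrier carrier, string username, string password)
    {
        Template template = new Template(carrier.Id);
        template.Design = carrier.Design;
        template.Save();
    }

    // Hardened shape: Authenticate() is the first statement, before any template
    // is loaded or modified, matching the temporary measure above.
    public void update(templateCarrier carrier, string username, string password)
    {
        Authenticate(username, password);
        Template template = new Template(carrier.Id);
        template.Design = carrier.Design;
        template.Save();
    }

    public static void Main()
    {
        var svc = new TemplateService();
        var carrier = new templateCarrier { Id = 1, Design = "<% /* attacker-controlled server-side code */ %>" };

        // Unauthenticated caller: the vulnerable method silently overwrites the template...
        svc.updateVulnerable(carrier, "", "");
        Console.WriteLine("vulnerable: " + Template.DesignOf(1));

        // ...while the hardened method refuses before touching it.
        try
        {
            svc.update(new templateCarrier { Id = 1, Design = "<% /* second attempt */ %>" }, "", "");
        }
        catch (UnauthorizedAccessException e)
        {
            Console.WriteLine("hardened: " + e.Message);
        }
        Console.WriteLine("stored design after hardened call: " + Template.DesignOf(1));
    }
}
```

The point of placing Authenticate() first is that no template object is constructed and no caller-controlled data is written unless the credentials check passes; a check placed after the Template constructor or after Save() would still allow an unauthenticated caller to persist the design.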
Vendor patch:
Umbraco CMS
-----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
http://umbraco.com/
Permanent link to this advisory: