CVE-2024-43160 Scanner
CVE-2024-43160 Scanner - Arbitrary File Upload vulnerability in BerqWP
Short Info
Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 11 days 19 hours
Scan only one: Domain, IPv4
BerqWP is a WordPress plugin that optimizes website speed through Core Web Vitals improvements, caching, a CDN, image optimization, and CSS and JavaScript adjustments. Website administrators and developers use it widely to improve site performance and loading times. It integrates with WordPress sites, so it applies to both personal blogs and professional business sites. Sites that want better search engine rankings install it to reduce page load times significantly. It appeals to technical users who manage their own hosting and are comfortable installing and configuring plugins, and it is popular among those who want to meet modern web performance standards.
The vulnerability in BerqWP is an arbitrary file upload caused by missing file type validation. It exists in all versions up to and including 1.7.6. Attackers can exploit the flaw to upload malicious files to the server hosting a WordPress site that uses the plugin. They could then execute code on the server, exfiltrate data, or deploy further attacks. Because exploitation does not require authentication, the flaw poses a significant risk to any site running an affected version. Affected installations should therefore be identified and remediated quickly to maintain site integrity and security.
The Arbitrary File Upload vulnerability stems from the lack of input validation in the plugin's /api/store_webp.php file. The endpoint accepts file uploads through a POST request and does not check for appropriate file extensions or types, nor does it verify the legitimacy or intent of the submitted content. Attackers can therefore upload file types that are not normally allowed, which may then be executed on the server. Attackers could also use this vulnerability together with other exploits to maintain persistence on the network or platform.
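A defender-side triage sketch for the endpoint described above (an added example, not code from the scanner or from BerqWP): it flags POST requests to a plugin's api/store_webp.php in a combined-format access log and checks whether an installed version falls in the affected range. The plugin directory pattern, the log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Combined log format: ip - user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# Assumption: the plugin sits under wp-content/plugins/<dir>/; the page only
# names the file /api/store_webp.php, so any plugin directory is matched.
ENDPOINT_RE = re.compile(r"/wp-content/plugins/[^/]+/api/store_webp\.php$", re.I)
LAST_AFFECTED = (1, 7, 6)  # "up to and including 1.7.6" per the text above

# Constructed sample lines (documentation IP ranges, placeholder plugin dir).
SAMPLE_LOG = """\
192.0.2.10 - - [12/Aug/2024:10:01:02 +0000] "GET /wp-content/plugins/PLUGIN_DIR/api/store_webp.php HTTP/1.1" 200 0 "-" "-"
198.51.100.7 - - [12/Aug/2024:10:02:03 +0000] "POST /wp-content/plugins/PLUGIN_DIR/api/store_webp.php HTTP/1.1" 200 15 "-" "-"
198.51.100.7 - - [12/Aug/2024:10:02:09 +0000] "POST /wp-content//plugins/PLUGIN_DIR/api/store%5Fwebp.php?x=1 HTTP/1.1" 403 0 "-" "-"
203.0.113.5 - - [12/Aug/2024:10:03:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"
"""


def normalise_path(target):
    """Drop the query string, percent-decode and collapse repeated slashes."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path)


def is_affected(version):
    """True when a dotted version string is at or below 1.7.6."""
    parts = tuple(int(p) for p in version.split(".")[:3])
    return parts + (0,) * (3 - len(parts)) <= LAST_AFFECTED


def find_upload_posts(lines):
    """Return {client_ip: [(time, status), ...]} for POSTs to the endpoint."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if ENDPOINT_RE.search(normalise_path(m["target"])):
            hits[m["ip"]].append((m["time"], int(m["status"])))
    return dict(hits)


if __name__ == "__main__":
    print(find_upload_posts(SAMPLE_LOG.splitlines()))
```

A 2xx status on a flagged request means the server accepted the POST, so those clients and timestamps are the ones to review first.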
If the vulnerability is exploited, attackers can gain unauthorized access to the site's host, leading to data leaks, defacement, or deployment of ransomware. Uploaded malicious files could compromise the site's availability, integrity, and confidentiality, causing significant harm. Exploitation may allow scripts and malware to be installed, leading to further network penetration or denial-of-service attacks. Backend access could be obtained, leading to data manipulation or theft. An incident of this kind also risks damaging the organization's reputation, potentially leading to loss of user trust and a downturn in web traffic.