Weaver E-Office Arbitrary File Upload Scanner

Weaver E-Office is a widely used office automation software, designed to help organizations manage their administrative tasks more effectively. It's used by various enterprises and government institutions to streamline their workflow. Primarily known for its document management functionalities, Weaver is often employed for handling sensitive information within organizations. The software facilitates collaboration and operational efficiency, attracting a broad base of professional users. As a pivotal tool in office management, it plays a critical role in the daily operations of businesses relying on automated solutions. Due to its integration capabilities, users benefit from seamless connections with other productivity tools.

The vulnerability detected is an Arbitrary File Upload in Weaver E-Office specifically within the do_excel.php endpoint. Such vulnerabilities allow attackers to upload malicious files, which can be executed remotely to compromise the system. Exploiting this flaw could enable unauthorized access, leading to potential data breaches or service disruptions. This type of vulnerability is critical as it may provide a gateway to further attacks on the system or the network at large. Its presence signifies a significant security risk, warranting immediate attention and rectification to maintain system integrity. Effective detection is necessary to prevent exploitation that could lead to serious security ramifications.

Vulnerability Details reveal that the flaw resides within the endpoints "/general/charge/charge_list/do_excel.php" and "/general/charge/charge_list/excel.php." An attacker might exploit this through POST requests with specific payloads that include executable scripts. The matchers identify successful exploitation by checking for certain unique strings in the response. The system fails to properly validate the contents of the data being uploaded, allowing unwanted scripts to execute. These technical flaws highlight oversight in input validation processes, common in improperly secured file upload functionalities. Addressing such issues is crucial to prevent unauthorized file additions to the server.

When this vulnerability is exploited by malicious entities, the potential effects include unauthorized data manipulation and significant information leakage. Attackers could upload malicious scripts, executing remote commands to take control of the server. This manipulation can lead to unauthorized access to sensitive information and even escalate to further attacks on networked systems. It threatens the confidentiality, integrity, and availability of the overall system. The exploitation of this weakness could result in operational disruptions and damage to organizational credibility and trust. The consequences underscore the critical need for prompt detection and rectification.

REFERENCES

• http://weaver.5.cn/