CVE-2012-10054

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-10054
Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter, attackers can write malicious ASPX scripts directly into the web-accessible /umbraco/ directory and execute them remotely.
CVSS

No CVSS.

References
Link Resource
https://github.com/umbraco/Umbraco-CMS
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/umbraco_upload_aspx.rb
https://web.archive.org/web/20111017174609/http://umbraco.codeplex.com/releases/view/73692
https://web.archive.org/web/20120707033729/http://blog.gdssecurity.com/labs/2012/7/3/find-bugs-faster-with-a-webmatrix-local-reference-instance.html
https://www.exploit-db.com/exploits/19671
https://www.vulncheck.com/advisories/umbraco-cms-rce
https://web.archive.org/web/20120707033729/http://blog.gdssecurity.com/labs/2012/7/3/find-bugs-faster-with-a-webmatrix-local-reference-instance.html
Configurations

No configuration.

History

14 Aug 2025, 15:15

Type Values Removed Values Added
References () https://web.archive.org/web/20120707033729/http://blog.gdssecurity.com/labs/2012/7/3/find-bugs-faster-with-a-webmatrix-local-reference-instance.html - () https://web.archive.org/web/20120707033729/http://blog.gdssecurity.com/labs/2012/7/3/find-bugs-faster-with-a-webmatrix-local-reference-instance.html -

14 Aug 2025, 13:11

Type Values Removed Values Added
Summary
  • (es) Las versiones de Umbraco CMS anteriores a la 4.7.1 son vulnerables a la ejecución remota de código no autenticado a través del endpoint SOAP codeEditorSave.asmx, lo que expone una operación SaveDLRScript que permite la carga de archivos arbitrarios sin autenticación. Al explotar una vulnerabilidad de path traversal en el parámetro fileName, los atacantes pueden escribir scripts ASPX maliciosos directamente en el directorio web /umbraco/ y ejecutarlos remotamente.

13 Aug 2025, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-13 21:15

Updated : 2025-08-14 15:15

NVD link : CVE-2012-10054

Mitre link : CVE-2012-10054

CVE.ORG link : CVE-2012-10054

JSON object : View

Products Affected

No product.

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-434

Unrestricted Upload of File with Dangerous Type