An unrestricted file upload vulnerability exists in ProcessMaker versions prior to 3.5.4 due to improper handling of uploaded plugin archives. An attacker with administrative privileges can upload a malicious .tar plugin file containing arbitrary PHP code. Upon installation, the pluginโs install() method is invoked, resulting in execution of attacker-supplied PHP code on the server with the privileges of the web server user.ย This vulnerability can be chained with CVE-2022-38577 โ a privilege escalation flaw in the user profile page โ to achieve full remote code execution from a low-privileged account.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation6 reference(s) from NVD