CVE-2021-23814

Source
https://cve.org/CVERecord?id=CVE-2021-23814
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23814.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-23814
Aliases
Published
2021-12-17T20:15:08.340Z
Modified
2026-07-08T05:57:07.870517295Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

This affects versions of the package unisharp/laravel-filemanager before 2.6.2. The upload() function does not sufficiently validate the file type when uploading.

An attacker may be able to reproduce the following steps:

  1. Install a package with a web Laravel application.
  2. Navigate to the Upload window
  3. Upload an image file, then capture the request
  4. Edit the request contents with a malicious file (webshell)
  5. Enter the path of file uploaded on URL - Remote Code Execution

Note: Prevention for bad extensions can be done by using a whitelist in the config file(lfm.php). Corresponding document can be found in here.

Database specific
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "0.0.0"
                }
            ],
            "source": "CPE_RANGE",
            "vendor_product": "unisharp:laravel-filemanager",
            "cpes": [
                "cpe:2.3:a:unisharp:laravel-filemanager:*:*:*:*:*:*:*:*"
            ]
        }
    ]
}
References

Affected packages

Git / github.com/unisharp/laravel-filemanager

Affected ranges

Type
GIT
Repo
https://github.com/unisharp/laravel-filemanager
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "source": [
        "DESCRIPTION",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.6.2"
        }
    ]
}

Affected versions

0.*
0.1.0
0.2.0
0.3.0
0.3.1
0.5.0
0.5.1
0.5.2
0.5.3
1.*
1.0.0
1.1.0
1.1.0-alpha
1.1.1
1.2.0
1.3.0-alpha
1.4.0-alpha
1.5.0
1.5.1
1.5.2
1.6.0
1.6.1
1.6.2
1.6.3
v1.*
v1.7-alpha
v1.7.0
v1.7.1
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.7.7
v1.9.0
v2.*
v2.0.0
v2.0.0-alpha
v2.0.0-alpha2
v2.0.0-alpha3
v2.0.0-alpha4
v2.0.0-alpha5
v2.0.0-alpha6
v2.0.0-alpha7
v2.0.0-alpha8
v2.0.1
v2.1.0
v2.2.0
v2.3.0
v2.4.0
v2.4.1
v2.5.0
v2.5.1
v2.6.0
v2.6.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23814.json"