CVE-2023-23607 - Vulnerability Details - OpenCVE

erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact total

Vendors	Products
Dasherr Project	Dasherr

Configuration 1 [-]

cpe:2.3:a:dasherr_project:dasherr:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112
https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq
https://www.vicarius.io/vsociety/posts/analyzing-arbitrary-file-upload-in-dasherr-cve-2023-23607-23608

History

Mon, 10 Mar 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://www.vicarius.io/vsociety/posts/analyzing-arbitrary-file-upload-in-dasherr-cve-2023-23607-23608

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-01-20T20:03:45.071Z

Updated: 2025-03-10T21:21:19.983Z

Reserved: 2023-01-16T17:07:46.241Z

Link: CVE-2023-23607

Vulnrichment

Updated: 2024-08-19T07:47:54.182Z

NVD

Status : Modified

Published: 2023-01-20T21:15:11.167

Modified: 2024-11-21T07:46:31.390

Link: CVE-2023-23607

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-23607", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-01-16T17:07:46.241Z", "datePublished": "2023-01-20T20:03:45.071Z", "dateUpdated": "2025-03-10T21:21:19.983Z"}, "containers": {"cna": {"title": "Unrestricted file upload leads to Remote Code Execution in erohtar/Dasherr", "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "lang": "en", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq"}, {"name": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112", "tags": ["x_refsource_MISC"], "url": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112"}], "affected": [{"vendor": "erohtar", "product": "Dasherr", "versions": [{"version": "< 1.05.00", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-01-20T20:03:45.071Z"}, "descriptions": [{"lang": "en", "value": "erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue.\n"}], "source": {"advisory": "GHSA-6rgc-2x44-7phq", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-19T07:47:54.182Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq"}, {"name": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112"}, {"url": "https://www.vicarius.io/vsociety/posts/analyzing-arbitrary-file-upload-in-dasherr-cve-2023-23607-23608"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-10T21:02:28.625766Z", "id": "CVE-2023-23607", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-10T21:21:19.983Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq", "name": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112", "name": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://www.vicarius.io/vsociety/posts/analyzing-arbitrary-file-upload-in-dasherr-cve-2023-23607-23608"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-19T07:47:54.182Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-23607", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-10T21:02:28.625766Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-10T21:02:29.872Z"}}], "cna": {"title": "Unrestricted file upload leads to Remote Code Execution in erohtar/Dasherr", "source": {"advisory": "GHSA-6rgc-2x44-7phq", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "erohtar", "product": "Dasherr", "versions": [{"status": "affected", "version": "< 1.05.00"}]}], "references": [{"url": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq", "name": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112", "name": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue.\n"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-01-20T20:03:45.071Z"}}}, "cveMetadata": {"cveId": "CVE-2023-23607", "state": "PUBLISHED", "dateUpdated": "2025-03-10T21:21:19.983Z", "dateReserved": "2023-01-16T17:07:46.241Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-01-20T20:03:45.071Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dasherr_project:dasherr:*:*:*:*:*:*:*:*", "matchCriteriaId": "8BD184F8-3C80-4A3B-A198-5CA082851B8F", "versionEndExcluding": "1.05.00", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue.\n"}, {"lang": "es", "value": "erohtar/Dasherr es un panel para servicios autohospedados. En las versiones afectadas, la carga de archivos sin restricciones permite que cualquier usuario no autenticado ejecute c\u00f3digo arbitrario en el servidor. El archivo /www/include/filesave.php permite cargar cualquier archivo en cualquier lugar. Si un atacante carga un archivo php, puede ejecutar c\u00f3digo en el servidor. Este problema se solucion\u00f3 en la versi\u00f3n 1.05.00. Se recomienda a los usuarios que actualicen. No se conocen workarounds para este problema."}], "id": "CVE-2023-23607", "lastModified": "2024-11-21T07:46:31.390", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-20T21:15:11.167", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/erohtar/Dasherr/commit/445325c7cf1148a8cd38af3a90789c6cbf6c5112"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.vicarius.io/vsociety/posts/analyzing-arbitrary-file-upload-in-dasherr-cve-2023-23607-23608"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security-advisories@github.com", "type": "Secondary"}]}