CVE-2013-10034
BaseFortify
Publication date: 2025-07-31
Last updated on: 2025-07-31
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kaseya | kserver | <6.3.0.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unrestricted file upload issue in Kaseya KServer versions before 6.3.0.2. It occurs because the uploadImage.asp endpoint allows unauthenticated users to upload files to arbitrary locations by manipulating the filename parameter in a multipart/form-data POST request. Attackers can upload files with a .asp extension to web-accessible directories and then execute arbitrary code with the privileges of the IUSR account, enabling remote code execution without needing to authenticate.
How can this vulnerability impact me?
The vulnerability can allow attackers to execute arbitrary code on the affected server remotely without authentication. This can lead to full compromise of the server, unauthorized access to sensitive data, disruption of services, and potentially using the compromised server as a foothold to attack other systems within the network.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade Kaseya KServer to version 6.3.0.2 or later, which removes the vulnerable uploadImage.asp endpoint. Until the upgrade is applied, restrict access to the uploadImage.asp endpoint and monitor for any unauthorized file uploads to web-accessible directories.
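The two defensive measures described above (validating the multipart filename before it touches the filesystem, and monitoring for POSTs to uploadImage.asp) as an added example; this is illustrative code, not Kaseya's own, and the IIS-style log lines, field layout and the whitelist pattern are constructed assumptions.

```python
import re

# Constructed IIS W3C-style log lines (not from the page). Fields:
# date time cs-method cs-uri-stem cs-username c-ip sc-status
SAMPLE_LOG = """\
2025-07-31 10:00:01 GET /vsapres/web20/core/login.asp - 10.0.0.5 200
2025-07-31 10:00:07 POST /uploadImage.asp - 198.51.100.7 200
2025-07-31 10:00:09 GET /images/logo.png - 198.51.100.7 200
2025-07-31 10:01:12 POST /uploadImage.asp admin 10.0.0.9 200
"""

UPLOAD_ENDPOINT = "/uploadimage.asp"  # endpoint removed in 6.3.0.2
# Whitelist for the multipart 'filename' field: a plain basename with an
# image extension. Separators, "..", .asp and double extensions such as
# "x.asp;.png" cannot match, so the handler never builds a path from them.
SAFE_IMAGE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}\.(?:png|jpe?g|gif)$")

def safe_upload_name(filename: str):
    """Return the filename unchanged if it is a safe image basename, else None."""
    return filename if SAFE_IMAGE_NAME.fullmatch(filename) else None

def parse_line(line: str) -> dict:
    date, time, method, uri, user, ip, status = line.split()
    return {"ts": f"{date} {time}", "method": method.upper(),
            "uri": uri.lower(), "user": user, "ip": ip, "status": int(status)}

def find_upload_hits(log_text: str) -> list:
    """Flag every POST to the upload endpoint; unauthenticated requests
    (cs-username '-') are the highest-priority alerts while unpatched."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["method"] == "POST" and rec["uri"] == UPLOAD_ENDPOINT:
            rec["severity"] = "high" if rec["user"] == "-" else "medium"
            hits.append(rec)
    return hits

if __name__ == "__main__":
    for h in find_upload_hits(SAMPLE_LOG):
        print(h["severity"], h["ts"], h["ip"], h["user"])
    print(safe_upload_name("logo.png"), safe_upload_name("..\\x.asp"))
```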