CVE-2018-25388
Arbitrary File Upload in HaPe PKH 1.1
Publication date: 2026-05-29
Last updated on: 2026-05-29
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hape | pkh | 1.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
HaPe PKH version 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to bypass file type validation and upload malicious files.
Attackers can upload PHP files through multiple endpoints such as aksi_foto.php, aksi_user.php, and aksi_kecamatan.php.
This enables the execution of arbitrary code on the server, potentially compromising the system.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability allows attackers to execute arbitrary code on the server.
This can lead to full system compromise, including unauthorized access, data theft, or disruption of services.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of uploaded PHP files in directories related to the HaPe PKH application, especially through the endpoints aksi_foto.php, aksi_user.php, and aksi_kecamatan.php.
You can look for suspicious PHP files in upload directories such as /hape-pkh/gambar-konten/ which may indicate exploitation attempts.
Suggested commands to detect potential exploitation include:
- Using find command on the server to locate PHP files in upload directories: find /path/to/hape-pkh/ -type f -name "*.php"
- Checking web server logs for POST requests to aksi_foto.php, aksi_user.php, and aksi_kecamatan.php endpoints that may indicate file uploads.
- Using network monitoring tools to detect unusual HTTP POST requests to these endpoints.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or disabling file uploads through the vulnerable endpoints (aksi_foto.php, aksi_user.php, and aksi_kecamatan.php) until a patch or fix is applied.
Implement strict server-side validation to ensure only allowed file types are accepted, preventing PHP or other executable files from being uploaded.
Review and remove any suspicious PHP files found in upload directories to prevent code execution.
Limit user privileges to reduce the risk of authenticated attackers exploiting the vulnerability.
Monitor server logs and network traffic for signs of exploitation attempts.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the arbitrary file upload vulnerability in HaPe PKH 1.1 directly affects compliance with common standards and regulations such as GDPR or HIPAA.