CVE-2023-4220

Chamilo LMS Unauthenticated Big Upload File Remote Code Execution

CVSS 8.1 HIGH · EPSS 76.1% · CWE-434
Unrestricted file upload in the big-file upload functionality (`/main/inc/lib/javascript/bigupload/inc/bigUpload.php`) in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and to obtain remote code execution by uploading a web shell.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
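As an added example (this is not part of the advisory and not Chamilo's own code), a small Python exposure check built only on what the advisory states: the affected version range (<= 1.11.24) and the endpoint path. It decides whether a reported Chamilo version is inside the affected range, and it scans web-server access-log lines for requests to the bigUpload.php endpoint, which is worth reviewing on any host because the upload needs no authentication. The combined-log-format regex, the sample log lines, and the heuristic that a POST answered with a 2xx status is a "likely upload" are assumptions made for the example; the advisory does not describe the request format.

```python
from __future__ import annotations

import re
from typing import Iterable, NamedTuple

# From the advisory: the vulnerable endpoint and the last affected version.
BIGUPLOAD_PATH = "/main/inc/lib/javascript/bigupload/inc/bigUpload.php"
LAST_AFFECTED = (1, 11, 24)  # Chamilo LMS <= v1.11.24


def parse_version(version: str) -> tuple[int, int, int]:
    """Turn '1.11.24', 'v1.11.24' or '1.11.24-beta' into a 3-tuple of ints (missing parts are 0)."""
    parts = [int(p) for p in re.findall(r"\d+", version)[:3]]
    if not parts:
        raise ValueError(f"no numeric version in {version!r}")
    while len(parts) < 3:
        parts.append(0)
    return parts[0], parts[1], parts[2]


def is_affected(version: str) -> bool:
    """True when the version lies in the range the advisory lists as affected."""
    return parse_version(version) <= LAST_AFFECTED


# Assumed Apache/nginx "combined" access-log layout (not specified by the advisory).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)


class Hit(NamedTuple):
    ip: str
    ts: str
    method: str
    path: str
    status: int
    likely_upload: bool  # heuristic: POST that the server accepted with a 2xx


def scan_access_log(lines: Iterable[str]) -> list[Hit]:
    """Return every request to the bigUpload endpoint, flagging accepted POSTs."""
    hits: list[Hit] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a recognised log line; skip rather than guess
        # Match on the path without its query string so a sub-directory install
        # (e.g. /chamilo/main/inc/...) is still caught.
        bare_path = m["path"].split("?", 1)[0]
        if not bare_path.endswith(BIGUPLOAD_PATH):
            continue
        status = int(m["status"])
        hits.append(Hit(m["ip"], m["ts"], m["method"], m["path"], status,
                        likely_upload=(m["method"] == "POST" and 200 <= status < 300)))
    return hits


# Constructed sample log lines for the example (RFC 5737 documentation addresses).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jun/2024:14:02:11 +0000] "POST /main/inc/lib/javascript/bigupload/inc/bigUpload.php HTTP/1.1" 200 35 "-" "python-requests/2.31"
198.51.100.4 - - [10/Jun/2024:14:02:12 +0000] "GET /index.php HTTP/1.1" 200 8123 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jun/2024:14:02:13 +0000] "POST /chamilo/main/inc/lib/javascript/bigupload/inc/bigUpload.php HTTP/1.1" 403 210 "-" "python-requests/2.31"
"""

if __name__ == "__main__":
    for v in ("1.11.24", "1.11.26"):
        print(f"Chamilo {v}: {'in affected range' if is_affected(v) else 'outside affected range'}")
    for hit in scan_access_log(SAMPLE_LOG.splitlines()):
        print(hit)
```

A version outside the range only means the advisory does not list it; confirm the fix from the vendor release notes rather than from this comparison. A flagged 2xx POST from an unauthenticated client is the signal to pull the upload directory and the subsequent requests from that address.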
Affected products
Chamilo · Chamilo
Public PoCs found: 27

GitHub:
- github.com/Ziad-Sakr/Chamilo-CVE-2023-4220-Exploit (5)
- github.com/Rai2en/CVE-2023-4220-Chamilo-LMS (5)
- github.com/charlesgargasson/CVE-2023-4220 (1)
- github.com/Pr1or95/CVE-2023-4220-exploit (1)
- github.com/dollarboysushil/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220 (1)
- github.com/thefizzyfish/CVE-2023-4220_Chamilo_RCE (1)
- github.com/0x00-null/Chamilo-CVE-2023-4220-RCE-Exploit (1)
- github.com/bueno-armando/CVE-2023-4220-RCE (1)
- github.com/oxapavan/CVE-2023-4220-HTB-PermX (1)
- github.com/zora-beep/CVE-2023-4220 (1)
- github.com/N1ghtfallXxX/CVE-2023-4220 (1)
- github.com/charchit-subedi/chamilo-lms-unauthenticated-rce-poc (0)
- github.com/VanishedPeople/CVE-2023-4220 (0)
- github.com/LGenAgul/CVE-2023-4220-Proof-of-concept (0)
- github.com/qrxnz/CVE-2023-4220 (0)
- github.com/Least-Significant-Bit/CVE-2023-4220 (0)
- github.com/Sn0wBaall/CVE-2023-4220-PoC (0)
- github.com/0xDTC/Chamilo-LMS-CVE-2023-4220-Exploit (0)
- github.com/H4cking4All/CVE-2023-4220 (0)
- github.com/SpeatX/ChamiloLMS-CVE-2023-4220 (0)
- github.com/numaan911098/CVE-2023-4220 (0)
- github.com/m3m0o/chamilo-lms-unauthenticated-big-upload-rce-poc (0)
- github.com/HO4XXX/cve-2023-4220-poc (0)
- github.com/nr4x4/CVE-2023-4220 (0)
- github.com/Al3xGD/CVE-2023-4220-Exploit (0)
- github.com/gmh5225/CVE-2023-4220 (0)

Exploit-DB:
- www.exploit-db.com/exploits/52083 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
