jQuery-File-Upload CVE-2018-9206 Arbitrary File Upload Vulnerability

jQuery-File-Upload is prone to an arbitrary file-upload vulnerability.
An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.
jQuery-File-Upload version 9.22.0 and prior are vulnerable.

Information

Bugtraq ID: 105679
Class: Input Validation Error
CVE: CVE-2018-9206

Remote: Yes
Local: No
Published: Oct 09 2018 12:00AM
Updated: Jan 29 2019 10:00AM
Credit: Larry Cashdollar
Vulnerable: Oracle Siebel Applications 18.11
Oracle Siebel Applications 18.10
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 17.12
Oracle Primavera Unifier 17.1
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Communications Services Gatekeeper 6.0
Oracle Communications Services Gatekeeper 5.1
blueimp jQuery-File-Upload 9.22
blueimp jQuery-File-Upload 9.21
blueimp jQuery-File-Upload 9.20
blueimp jQuery-File-Upload 9.19.3
blueimp jQuery-File-Upload 9.19.2
blueimp jQuery-File-Upload 9.19.1
blueimp jQuery-File-Upload 9.19

Not Vulnerable: Oracle Communications Services Gatekeeper 6.1.0.4.0
blueimp jQuery-File-Upload 9.22.1

Exploit

Reports indicate that this issue is being exploited in the wild. Please see the references for more information.

References:

• SECURITY FIX: Only allow image file types by default. (blueimp)
  
• blueimp/jQuery-File-Upload (blueimp)
  
• Exploits/CVE-2018-9206/ (lcashdol)
  
• jQuery-File-Upload Homepage (blueimp)
  
• Title: jQuery-File-Upload (vapidlabs.com)
  
• Oracle Critical Patch Update Advisory - January 2019 (Oracle)
  

Source: www.securityfocus.com