OpenX arbitrary file upload
Description
OpenX versions 2.8.5 and 2.8.6 contain an arbitrary file upload vulnerability that allows unauthenticated remote attackers to upload and execute malicious files on the server. The vulnerability exists in the ofc_upload_image.php file within the videoReport plugin, which fails to properly validate uploaded files. During testing, a file named testing_test was created on the server to confirm the vulnerability. This file should be manually removed from the system.
Remediation
Take immediate action to remediate this critical vulnerability using one of the following methods:
Option 1 (Recommended): Upgrade to OpenX version 2.8.7 or later, which addresses this vulnerability.
Option 2 (Temporary Mitigation): If an immediate upgrade is not possible, delete the vulnerable file from your OpenX installation:
[openx_dir]/www/admin/plugins/videoReport/lib/ofc2/ofc_upload_image.php
Post-Remediation Steps:
1. Search for and remove any unauthorized files that may have been uploaded, including the test file testing_test
2. Review web server logs for suspicious upload activity or unexpected file access patterns
3. Conduct a security audit to identify any potential compromise or backdoors
4. Consider implementing web application firewall (WAF) rules to block unauthorized file upload attempts
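As an added example for step 2 (not part of the original advisory or of OpenX itself), the Python below scans combined-format web server access logs for requests to the vulnerable ofc_upload_image.php path and for later requests from the same client into that plugin directory. The log lines, client addresses and the location of the follow-up file are constructed; only the script path comes from the advisory.

```python
import re

# Apache/nginx "combined" access-log format (enough fields for this check).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Vulnerable script named in the advisory, relative to the OpenX directory.
VULN_SCRIPT = "/www/admin/plugins/videoReport/lib/ofc2/ofc_upload_image.php"
VULN_DIR = VULN_SCRIPT.rsplit("/", 1)[0] + "/"

# Constructed sample log lines (not real traffic). Where an uploaded file
# lands is an assumption here; the advisory does not state the location.
SAMPLE_LOG = """\
203.0.113.10 - - [12/Mar/2024:10:15:01 +0000] "GET /openx/www/admin/index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2024:10:16:44 +0000] "POST /openx/www/admin/plugins/videoReport/lib/ofc2/ofc_upload_image.php HTTP/1.1" 200 38 "-" "python-requests/2.31"
198.51.100.7 - - [12/Mar/2024:10:16:52 +0000] "GET /openx/www/admin/plugins/videoReport/lib/ofc2/testing_test HTTP/1.1" 200 15 "-" "python-requests/2.31"
203.0.113.10 - - [12/Mar/2024:10:20:09 +0000] "GET /openx/www/delivery/ajs.php?zoneid=1 HTTP/1.1" 200 1203 "-" "Mozilla/5.0"
"""

def parse_line(line):
    """Return the parsed fields of one log line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = rec["path"].split("?", 1)[0]  # drop the query string
    return rec

def find_upload_activity(lines):
    """Flag every request to the upload script, and any later request from the
    same client for another file under the same ofc2 directory (a possible
    retrieval of whatever was uploaded). Returns (line_no, ip, kind, method, status)."""
    alerts, uploaders = [], set()
    for n, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["path"].endswith(VULN_SCRIPT):
            uploaders.add(rec["ip"])
            alerts.append((n, rec["ip"], "upload-endpoint", rec["method"], rec["status"]))
        elif rec["ip"] in uploaders and VULN_DIR in rec["path"]:
            alerts.append((n, rec["ip"], "follow-up-access", rec["method"], rec["status"]))
    return alerts

def scan_sample():
    return find_upload_activity(SAMPLE_LOG.splitlines())

if __name__ == "__main__":
    for alert in scan_sample():
        print("line %d: %s %s %s -> HTTP %s" % alert)
```

Point it at a real log with `find_upload_activity(open(path))`; any hit on the upload endpoint after the fix is applied is worth investigating, since legitimate administration does not need to call that script.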