diff --git a/documentation/modules/exploit/unix/webapp/jquery_file_upload.md b/documentation/modules/exploit/unix/webapp/jquery_file_upload.md index 6a401d7ea9..862b880f0e 100644 --- a/documentation/modules/exploit/unix/webapp/jquery_file_upload.md +++ b/documentation/modules/exploit/unix/webapp/jquery_file_upload.md @@ -6,6 +6,9 @@ handler for blueimp's jQuery File Upload widget in versions <= 9.22.0. Due to a default configuration in Apache 2.3.9+, the widget's `.htaccess` file may be disabled, enabling exploitation of this vulnerability. +This vulnerability has been exploited in the wild since at least 2015 +and was publicly disclosed to the vendor in 2018. + ## Setup diff --git a/modules/exploits/unix/webapp/jquery_file_upload.rb b/modules/exploits/unix/webapp/jquery_file_upload.rb index 4f660f90c7..80c6ce2144 100644 --- a/modules/exploits/unix/webapp/jquery_file_upload.rb +++ b/modules/exploits/unix/webapp/jquery_file_upload.rb @@ -19,9 +19,12 @@ class MetasploitModule < Msf::Exploit::Remote Due to a default configuration in Apache 2.3.9+, the widget's .htaccess file may be disabled, enabling exploitation of this vulnerability. + + This vulnerability has been exploited in the wild since at least 2015 + and was publicly disclosed to the vendor in 2018. }, 'Author' => [ - 'Larry W. Cashdollar', # Discovery and PoC + 'Larry W. Cashdollar', # Advisory and PoC 'wvu' # Metasploit module ], 'References' => [ @@ -30,7 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote ['URL', 'https://github.com/blueimp/jQuery-File-Upload/pull/3514'], ['URL', 'https://github.com/lcashdol/Exploits/tree/master/CVE-2018-9206'] ], - 'DisclosureDate' => 'Oct 9 2018', + 'DisclosureDate' => 'Oct 9 2018', # Public disclosure 'License' => MSF_LICENSE, 'Platform' => ['php', 'linux'], 'Arch' => [ARCH_PHP, ARCH_X86, ARCH_X64],