php · paymenter/paymenter · Critical
Paymenter Critical File Upload RCE in Ticket Attachments (pre-v1.2.11)
A critical vulnerability in Paymenter allows authenticated users to upload arbitrary files via ticket attachments, leading to remote code execution.
What changed
A critical vulnerability in Paymenter allows authenticated users to upload arbitrary files via ticket attachments, leading to remote code execution.
Who it affects
All Paymenter instances running versions prior to v1.2.11, especially those with authenticated users.
What to do today
Upgrade to v1.2.11 immediately. If that is not possible yet, apply workarounds such as updating the nginx configuration to serve attachments as application/octet-stream and blocking /storage/ at the WAF.
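An added hardening example for the nginx workaround, not taken from the advisory or the Paymenter project: it assumes attachments are served as static files from /storage/ under the site's document root (paths, hostname and fastcgi socket below are placeholders to adjust per instance).

```nginx
# Added example: nginx hardening for the /storage/ attachment path.
# Placeholders: server_name, root and the fastcgi_pass socket.
server {
    listen 443 ssl;
    server_name paymenter.example.com;    # placeholder
    root /var/www/paymenter/public;        # assumed document root

    # Weak default: a site-wide PHP handler also covers files under /storage/,
    # so an uploaded script in that directory would be handed to PHP-FPM.
    # The prefix block below uses ^~ so that, whenever /storage/ is the
    # longest matching prefix, regex locations (including \.php$) are skipped.
    location ^~ /storage/ {
        # Drop the MIME map and hand every file out as an opaque download,
        # so nothing under /storage/ is rendered as HTML/SVG or executed.
        types { }
        default_type application/octet-stream;
        add_header Content-Disposition "attachment" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Content-Security-Policy "default-src 'none'; sandbox" always;
        # Plain static serving only; no index, no fallback into the app router.
        try_files $uri =404;
    }

    # Application entry point and PHP handler for the rest of the site.
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/run/php/php-fpm.sock;   # placeholder socket
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    }
}
```

After reloading, a request for any file under /storage/ should return Content-Type: application/octet-stream with a Content-Disposition: attachment header; this limits the impact of already-uploaded files but does not replace the upgrade.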