#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product:  ONELAN CMS [1]
# Vendor:   ONELAN
# CSNC ID:  CSNC-2018-009
# Subject:  Arbitrary File Upload
# Risk:     High
# Effect:   Remotely exploitable
# Author:   Stephan Sekula
# Date:     06.02.2018
#
#############################################################

Introduction:
-------------
The ONELAN Content Management System (CMS) software leverages more than a
decade of development and industry experience to deliver users a business
tool that makes creating, publishing and managing content simple and
dependable. [1]

Compass Security discovered a security flaw in the ONELAN CMS, which allows
uploading arbitrary files to the system.

Affected:
---------
Vulnerable:
* CMS V3.3.0 Build 56815

Technical Description
---------------------
Authenticated users are able to upload arbitrary files, including malware,
to the system. The application does not limit file types or contents.

Workaround / Fix:
-----------------
This issue can be fixed by checking file types and contents, as well as
performing a malware scan on all uploaded files.

Timeline:
---------
2018-05-29: Public disclosure
2018-05-28: Release of fixed version/patch
2018-02-12: Initial vendor response
2018-02-06: Initial vendor notification
2018-02-06: Discovery by Stephan Sekula

References:
-----------
[1] https://onelan.com/products/publisher-cms/
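The checks recommended under "Workaround / Fix" (an allowlist of file types, content that must match the declared type, and a malware scan before acceptance), written out as an added Python example. This is illustrative code, not ONELAN's fix or any part of the CMS; the type table, the size limit and the `scan` hook are assumptions.

```python
import re

# Allowlist of upload types: extension -> accepted leading bytes (magic numbers).
# Constructed for this example; a deployment tunes it to the content it serves.
ALLOWED_TYPES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".pdf": (b"%PDF-",),
}
MAX_UPLOAD_BYTES = 50 * 1024 * 1024  # constructed size limit
# One stem, one extension, restricted charset: rules out paths and double extensions.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}\.[A-Za-z0-9]{1,5}$")


class UploadRejected(Exception):
    """Raised when an upload fails any of the checks in validate_upload."""


def validate_upload(filename, data, scan=lambda content: True):
    """Return the name to store `data` under, or raise UploadRejected.

    `scan` is a hook for the malware scanner the advisory recommends: it receives
    the file bytes and returns True when the file is clean (assumed interface).
    """
    # 1. Name: no directory components, no double extensions, safe characters only.
    if not SAFE_NAME.match(filename):
        raise UploadRejected("unsafe file name")
    dot = filename.rfind(".")
    ext = filename[dot:].lower()
    # 2. Type: the extension must be on the allowlist (never a denylist of bad ones).
    if ext not in ALLOWED_TYPES:
        raise UploadRejected(f"file type {ext} is not allowed")
    # 3. Size: refuse empty or oversized files before touching their content.
    if not data or len(data) > MAX_UPLOAD_BYTES:
        raise UploadRejected("empty or oversized upload")
    # 4. Content: leading bytes must match the declared type, so a renamed
    #    executable or script cannot be stored as an "image".
    if not any(data.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        raise UploadRejected("content does not match declared file type")
    # 5. Malware scan on content that passed the structural checks.
    if not scan(data):
        raise UploadRejected("scanner flagged the upload")
    return filename[:dot] + ext


def is_accepted(filename, data, scan=lambda content: True):
    """Boolean wrapper for callers that only need a verdict."""
    try:
        validate_upload(filename, data, scan)
        return True
    except UploadRejected:
        return False
```

The stored name is also normalised to a lower-case extension so that later handling keys off the same allowlist entry that was checked.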