{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/metacrm--6.4.0-beta06/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-8758"}],"_cs_exploited":true,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["MetaCRM (\u003c= 6.4.0 Beta06)"],"_cs_severities":["high"],"_cs_tags":["unrestricted-upload","rce","web-application"],"_cs_type":"threat","_cs_vendors":["Metasoft 美特软件"],"content_html":"\u003cp\u003eMetasoft 美特软件 MetaCRM, a customer relationship management system, is vulnerable to an unrestricted file upload vulnerability (CVE-2026-8758) affecting versions up to 6.4.0 Beta06. The vulnerability resides in the \u003ccode\u003e/common/jsp/upload3.jsp\u003c/code\u003e file, and successful exploitation allows an unauthenticated attacker to upload arbitrary files to the server. Publicly available exploits exist, increasing the risk of active exploitation. The vendor was notified but did not respond. This vulnerability can lead to arbitrary code execution, data breaches, and full system compromise.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a MetaCRM instance running a vulnerable version (\u0026lt;= 6.4.0 Beta06).\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP POST request targeting the \u003ccode\u003e/common/jsp/upload3.jsp\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe attacker manipulates the \u003ccode\u003eFile\u003c/code\u003e argument within the request, potentially using techniques to bypass file type restrictions (e.g., double extensions, null byte injection).\u003c/li\u003e\n\u003cli\u003eThe server processes the request without proper validation, allowing the attacker to upload a file containing malicious code (e.g., a JSP webshell).\u003c/li\u003e\n\u003cli\u003eThe attacker accesses the uploaded file via a direct HTTP request to its location on the server.\u003c/li\u003e\n\u003cli\u003eThe server executes the malicious code within the uploaded file, granting the attacker arbitrary code execution.\u003c/li\u003e\n\u003cli\u003eThe attacker establishes persistence by, for example, writing a startup script or modifying system configuration files.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-8758 allows an unauthenticated remote attacker to upload arbitrary files, leading to arbitrary code execution on the affected MetaCRM server. This can result in complete system compromise, data breaches, and denial of service. Given that CRM systems often contain sensitive customer data, a successful attack could have significant financial and reputational consequences.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to a patched version of MetaCRM that addresses CVE-2026-8758; apply available patches immediately to MetaCRM instances.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule provided below to detect exploitation attempts against \u003ccode\u003e/common/jsp/upload3.jsp\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eImplement file upload restrictions and validation on the server side to prevent the upload of malicious file types.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious activity, including requests to \u003ccode\u003e/common/jsp/upload3.jsp\u003c/code\u003e with unusual parameters.\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to limit the impact of a successful compromise on other systems.\u003c/li\u003e\n\u003cli\u003eReview and enforce principle of least privilege on the MetaCRM system, restricting file upload access to authorized users only.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-17T14:18:11Z","date_published":"2026-05-17T14:18:11Z","id":"https://feed.craftedsignal.io/briefs/2026-05-metasoft-metacrm-upload/","summary":"A vulnerability in Metasoft MetaCRM up to version 6.4.0 Beta06 allows for unrestricted file upload due to manipulation of the 'File' argument in the /common/jsp/upload3.jsp file, potentially leading to arbitrary code execution.","title":"Metasoft MetaCRM Unrestricted File Upload Vulnerability (CVE-2026-8758)","url":"https://feed.craftedsignal.io/briefs/2026-05-metasoft-metacrm-upload/"}],"language":"en","title":"CraftedSignal Threat Feed — MetaCRM (\u003c= 6.4.0 Beta06)","version":"https://jsonfeed.org/version/1.1"}