CVE-2018-25412

Delta · Sql

Delta Sql 1.8.2 contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution via POST requests to docs_upload.php.

Executive summary

An unauthenticated arbitrary file upload vulnerability in Delta Sql allows remote attackers to execute malicious code on the server, posing a critical security risk.

Vulnerability

This vulnerability involves an insecure file upload mechanism in the docs_upload.php file, which fails to validate user-supplied input. An unauthenticated attacker can upload arbitrary PHP files to the server and execute them, leading to complete remote code execution (RCE).

Business impact

With a CVSS score of 9.8, this vulnerability represents a critical risk to the confidentiality, integrity, and availability of the host system. Successful exploitation allows an attacker to gain full control over the application server, potentially leading to unauthorized data access, lateral movement within the network, and significant reputational damage.

Remediation

Immediate Action: Update Delta Sql to a version newer than 1.8.2 to mitigate the risk of remote code execution.

Proactive Monitoring: Review web access logs for unusual POST requests directed at docs_upload.php and monitor the server’s upload directory for unauthorized script files.

Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to block file uploads containing executable extensions (e.g., .php) from untrusted sources.
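
The log and upload-directory review described under Proactive Monitoring, as an added example that is not part of the original advisory or of Delta Sql itself. It assumes combined-format access logs and a typical set of PHP-handled extensions; the sample log lines are constructed, and the upload directory path is supplied by the operator.

```python
import os
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Assumption: Apache/nginx "combined" access log format.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([A-Z]+) (\S+)[^"]*" (\d{3}) ')
# Assumption: extensions commonly mapped to the PHP handler; match your server config.
SCRIPT_EXTS = {".php", ".phtml", ".phar", ".php5", ".php7"}

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2024:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2024:10:03:44 +0000] "POST /docs_upload.php HTTP/1.1" 200 312 "-" "curl/8.0"',
    '198.51.100.7 - - [12/Mar/2024:10:03:51 +0000] "POST /app/Docs_Upload.php?x=1 HTTP/1.1" 302 0 "-" "curl/8.0"',
    '192.0.2.10 - - [12/Mar/2024:10:05:00 +0000] "GET /docs_upload.php HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

def upload_posts(lines):
    """Return (client, timestamp, target, status) for each POST to docs_upload.php."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        client, ts, method, target, status = m.groups()
        # Compare the decoded file name case-insensitively, ignoring the query string.
        name = posixpath.basename(unquote(urlsplit(target).path)).lower()
        if method == "POST" and name == "docs_upload.php":
            hits.append((client, ts, target, int(status)))
    return hits

def script_files(upload_dir):
    """Return files under upload_dir whose name carries a script extension."""
    found = []
    for root, _dirs, files in os.walk(upload_dir):
        for fname in files:
            # Check every dotted part so "img.php.jpg" is reported as well.
            parts = {"." + p.lower() for p in fname.split(".")[1:]}
            if parts & SCRIPT_EXTS:
                found.append(os.path.join(root, fname))
    return sorted(found)

if __name__ == "__main__":
    for hit in upload_posts(SAMPLE_LOG):
        print("POST to upload endpoint:", hit)
```

Every hit is worth correlating with the modification times of files returned by `script_files()` for the same window, since the endpoint is reachable without authentication.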

Exploitation status

Public Exploit Available: True

Analyst recommendation

The severity of this flaw, combined with the availability of public exploits, necessitates an emergency patching cycle. Organizations should prioritize updating the affected software to a secure version and perform a thorough security audit of the server to ensure no malicious persistence mechanisms were established prior to patching.