{"id":5033,"date":"2024-03-01T11:00:28","date_gmt":"2024-03-01T18:00:28","guid":{"rendered":"https:\/\/www.whitefirdesign.com\/blog\/?p=5033"},"modified":"2024-03-01T10:28:14","modified_gmt":"2024-03-01T17:28:14","slug":"kentico-cms-still-being-abused-to-host-spam-files-on-websites-possibly-through-vulnerability","status":"publish","type":"post","link":"https:\/\/www.whitefirdesign.com\/blog\/2024\/03\/01\/kentico-cms-still-being-abused-to-host-spam-files-on-websites-possibly-through-vulnerability\/","title":{"rendered":"Kentico CMS Still Being Abused to Host Spam Files on Websites, Possibly Through Vulnerability"},"content":{"rendered":"<p>Two days ago, we looked at one method web spammers are using to post spam files on to websites, <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2024\/02\/28\/spammers-still-abusing-drupal-webform-module-to-put-spam-pdfs-and-pages-on-websites\/\">abusing the Webform module for Drupal<\/a>. Another aspect of this involves a less popular content management system, Kentico CMS. Like the abuse of that Drupal module, this isn&#8217;t a new issue. Lorenzo Franceschi-Bicchierai <a href=\"https:\/\/techcrunch.com\/2023\/06\/02\/scammers-publish-ads-for-hacking-services-on-government-websites\/\">covered this situation<\/a> in June of last year at TechCrunch.<\/p>\n<p>What is going on there, though, isn&#8217;t as clear. The TechCrunch article had this response from the developer of Kentico CMS:<\/p>\n<blockquote><p>\u201cWe are aware of this particular risk that could have happened with Kentico 12 or older versions. 
This was identified years ago as a result of a misconfiguration, and we already addressed it at the time and changed our documentation,\u201d<\/p><\/blockquote>\n<p>It&#8217;s unclear what addressing it means and whether this was an end-user misconfiguration or a developer misconfiguration.<\/p>\n<p>The security fixes listed for version 12 of Kentico CMS on the software&#8217;s <a href=\"https:\/\/devnet.kentico.com\/download\/hotfixes\">Hotfixes page<\/a> include two fixes for vulnerabilities that allowed uploading files that shouldn&#8217;t have been allowed. We found another claim of a similar issue that was supposed to have been addressed in version 11.0.45 of the software, though we couldn&#8217;t find a mention on the Hotfixes page of a security fix in that version.<\/p>\n<p>So this is possibly caused by a vulnerability in an old version of Kentico CMS or possibly abuse of intended upload functionality that was addressed in new versions of the software.<\/p>\n<p>For those running Kentico CMS or other web software that have websites that appear to be hacked, <a href=\"https:\/\/www.whitefirdesign.com\/services\/hacked-website-cleanup.html\">we can help you to get that properly cleaned up<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Two days ago, we looked at one method web spammers are using to post spam files on to websites, abusing the Webform module for Drupal. Another aspect of this involves a less popular content management system, Kentico CMS. Like the abuse of that Drupal module, this isn&#8217;t a new issue. 
Lorenzo Franceschi-Bicchierai covered this situation &hellip; <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2024\/03\/01\/kentico-cms-still-being-abused-to-host-spam-files-on-websites-possibly-through-vulnerability\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Kentico CMS Still Being Abused to Host Spam Files on Websites, Possibly Through Vulnerability&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[28,27],"tags":[283],"class_list":["post-5033","post","type-post","status-publish","format-standard","hentry","category-spam","category-website-hacked","tag-kentico-cms"],"_links":{"self":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/5033","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/comments?post=5033"}],"version-history":[{"count":1,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/5033\/revisions"}],"predecessor-version":[{"id":5040,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/5033\/revisions\/5040"}],"wp:attachment":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/media?parent=5033"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/categories?post=5033"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/tags?post=5033"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":t
rue}]}}