CWE-24
AllowedPath Traversal: '../filedir'
Abstraction: Variant · Status: Incomplete
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize "../" sequences that can resolve to a location that is outside of that directory.
187 vulnerabilities reference this CWE, most recent first.
CVE-2024-12897 (GCVE-0-2024-12897)
Vulnerability from cvelistv5 – Published: 2024-12-22 23:31 – Updated: 2024-12-27 08:51 Unsupported When Assigned| URL | Tags |
|---|---|
| https://vuldb.com/?id.289167 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.289167 | signaturepermissions-required |
| https://vuldb.com/?submit.464260 | third-party-advisory |
| https://netsecfish.notion.site/Path-Traversal-Vul… | exploit |
| https://netsecfish.notion.site/Path-Traversal-Vul… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Intelbras | VIP S3020 G2 |
Affected:
20241222
|
|
| Intelbras | VIP S4020 G2 |
Affected:
20241222
|
|
| Intelbras | VIP S4020 G3 |
Affected:
20241222
|
|
| Intelbras | VIP S4320 G2 |
Affected:
20241222
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12897",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-24T16:00:18.160289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-24T16:00:32.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://netsecfish.notion.site/Path-Traversal-Vulnerability-in-IntelBras-IP-Cameras-mtd-Config-Sha1Account1-and-mtd-Confi-15e6b683e67c80809442ee3425f753b7"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Web Interface"
],
"product": "VIP S3020 G2",
"vendor": "Intelbras",
"versions": [
{
"status": "affected",
"version": "20241222"
}
]
},
{
"modules": [
"Web Interface"
],
"product": "VIP S4020 G2",
"vendor": "Intelbras",
"versions": [
{
"status": "affected",
"version": "20241222"
}
]
},
{
"modules": [
"Web Interface"
],
"product": "VIP S4020 G3",
"vendor": "Intelbras",
"versions": [
{
"status": "affected",
"version": "20241222"
}
]
},
{
"modules": [
"Web Interface"
],
"product": "VIP S4320 G2",
"vendor": "Intelbras",
"versions": [
{
"status": "affected",
"version": "20241222"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "netsecfish (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222. It has been classified as critical. This affects an unknown part of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal: \u0027../filedir\u0027. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 bis 20241222 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei ../mtd/Config/Sha1Account1 der Komponente Web Interface. Durch Beeinflussen mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T08:51:42.245Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-289167 | Intelbras VIP S4320 G2 Web Interface Sha1Account1 path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.289167"
},
{
"name": "VDB-289167 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.289167"
},
{
"name": "Submit #464260 | IntelBras IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z, IPC-HDW1200S, VIP S3020 G2, VIP S4020 G2, VIP S4320 G2, VIP S4020 G3 WebVersion: 3.2.1.225946; WebVersion: 3.2.1.291804 Path Traversal",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.464260"
},
{
"tags": [
"exploit"
],
"url": "https://netsecfish.notion.site/Path-Traversal-Vulnerability-in-IntelBras-IP-Cameras-mtd-Config-Sha1Account1-and-mtd-Confi-15e6b683e67c80809442ee3425f753b7?pvs=4"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2024-12-22T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-12-22T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-12-27T09:56:32.000Z",
"value": "VulDB entry last update"
}
],
"title": "Intelbras VIP S4320 G2 Web Interface Sha1Account1 path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-12897",
"datePublished": "2024-12-22T23:31:05.102Z",
"dateReserved": "2024-12-22T08:47:43.200Z",
"dateUpdated": "2024-12-27T08:51:42.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12482 (GCVE-0-2024-12482)
Vulnerability from cvelistv5 – Published: 2024-12-11 19:31 – Updated: 2024-12-11 21:24| URL | Tags |
|---|---|
| https://vuldb.com/?id.287864 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.287864 | signaturepermissions-required |
| https://vuldb.com/?submit.458853 | third-party-advisory |
| https://github.com/hadagaga/vuln/blob/master/wete… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| cjbi | wetech-cms |
Affected:
1.0
Affected: 1.1 Affected: 1.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12482",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T21:23:55.947996Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T21:24:13.491Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Database Backup Handler"
],
"product": "wetech-cms",
"vendor": "cjbi",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "hadagaga (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\\wetech-basic-common\\src\\main\\java\\tech\\wetech\\basic\\util\\BackupFileUtil.java of the component Database Backup Handler. The manipulation of the argument name leads to path traversal: \u0027../filedir\u0027. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine problematische Schwachstelle wurde in cjbi wetech-cms 1.0/1.1/1.2 ausgemacht. Hierbei geht es um die Funktion backup der Datei wetech-cms-master\\wetech-basic-common\\src\\main\\java\\tech\\wetech\\basic\\util\\BackupFileUtil.java der Komponente Database Backup Handler. Mittels dem Manipulieren des Arguments name mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T19:31:06.607Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-287864 | cjbi wetech-cms Database Backup BackupFileUtil.java backup path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.287864"
},
{
"name": "VDB-287864 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.287864"
},
{
"name": "Submit #458853 | cjbi wetech-cms BackupFileUtil.java name 1 Path Traversal: \u0027../filedir\u0027",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.458853"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/hadagaga/vuln/blob/master/wetech-cms/Catalog_penetration/Catalog_penetration.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-12-11T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-12-11T13:39:40.000Z",
"value": "VulDB entry last update"
}
],
"title": "cjbi wetech-cms Database Backup BackupFileUtil.java backup path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-12482",
"datePublished": "2024-12-11T19:31:06.607Z",
"dateReserved": "2024-12-11T12:34:28.704Z",
"dateUpdated": "2024-12-11T21:24:13.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10379 (GCVE-0-2024-10379)
Vulnerability from cvelistv5 – Published: 2024-10-25 12:00 – Updated: 2024-10-25 18:49- CWE-24 - Path Traversal: '../filedir'
| URL | Tags |
|---|---|
| https://vuldb.com/?id.281809 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.281809 | signaturepermissions-required |
| https://vuldb.com/?submit.426087 | third-party-advisory |
| https://flowus.cn/share/0b03c61a-76a5-4f45-9ee7-a… | exploit |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:esafenet:cdg:5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cdg",
"vendor": "esafenet",
"versions": [
{
"status": "affected",
"version": "5"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10379",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T15:15:05.894352Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T18:49:16.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CDG",
"vendor": "ESAFENET",
"versions": [
{
"status": "affected",
"version": "5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "0menc (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this vulnerability is the function actionViewDecyptFile of the file /com/esafenet/servlet/client/DecryptApplicationService.java. The manipulation of the argument decryptFileId with the input ../../../Windows/System32/drivers/etc/hosts leads to path traversal: \u0027../filedir\u0027. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The affected function has a typo and is missing an R. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In ESAFENET CDG 5 wurde eine problematische Schwachstelle entdeckt. Hierbei betrifft es die Funktion actionViewDecyptFile der Datei /com/esafenet/servlet/client/DecryptApplicationService.java. Dank der Manipulation des Arguments decryptFileId mit der Eingabe ../../../Windows/System32/drivers/etc/hosts mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T12:00:16.480Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-281809 | ESAFENET CDG DecryptApplicationService.java actionViewDecyptFile path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.281809"
},
{
"name": "VDB-281809 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.281809"
},
{
"name": "Submit #426087 | ESAFENET CDG V5 Exposure of Sensitive Information Through Data Queries",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.426087"
},
{
"tags": [
"exploit"
],
"url": "https://flowus.cn/share/0b03c61a-76a5-4f45-9ee7-a88e0f21d539?code=G8A6P3"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-25T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-10-25T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-10-25T07:59:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "ESAFENET CDG DecryptApplicationService.java actionViewDecyptFile path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-10379",
"datePublished": "2024-10-25T12:00:16.480Z",
"dateReserved": "2024-10-25T05:53:44.360Z",
"dateUpdated": "2024-10-25T18:49:16.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8409 (GCVE-0-2024-8409)
Vulnerability from cvelistv5 – Published: 2024-09-04 14:31 – Updated: 2024-09-04 15:38- CWE-24 - Path Traversal: '../filedir'
| URL | Tags |
|---|---|
| https://vuldb.com/?id.276489 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.276489 | signaturepermissions-required |
| https://github.com/peritocibernetico/ABCD_Vulnera… | exploit |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:abcd:abcd2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "abcd2",
"vendor": "abcd",
"versions": [
{
"lessThan": "2.2.0-beta-1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8409",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T15:36:41.103430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T15:38:51.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ABCD2",
"vendor": "ABCD",
"versions": [
{
"status": "affected",
"version": "2.2.0-beta-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in ABCD ABCD2 up to 2.2.0-beta-1. This affects an unknown part of the file /common/show_image.php. The manipulation of the argument image leads to path traversal: \u0027../filedir\u0027. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in ABCD ABCD2 bis 2.2.0-beta-1 entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /common/show_image.php. Durch Manipulation des Arguments image mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T14:31:04.314Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-276489 | ABCD ABCD2 show_image.php path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.276489"
},
{
"name": "VDB-276489 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.276489"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/peritocibernetico/ABCD_Vulnerabilities"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-09-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-09-04T10:44:23.000Z",
"value": "VulDB entry last update"
}
],
"title": "ABCD ABCD2 show_image.php path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-8409",
"datePublished": "2024-09-04T14:31:04.314Z",
"dateReserved": "2024-09-04T08:39:13.686Z",
"dateUpdated": "2024-09-04T15:38:51.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6786 (GCVE-0-2024-6786)
Vulnerability from cvelistv5 – Published: 2024-09-21 04:14 – Updated: 2024-09-26 06:52- CWE-24 - Path Traversal: '../filedir'
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
| https://www.cisa.gov/news-events/ics-advisories/i… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | MXview One Series |
Affected:
0 , < 1.4
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6786",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T14:04:54.992536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T14:05:05.194Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MXview One Series",
"vendor": "Moxa",
"versions": [
{
"lessThan": "1.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Noam Moshe of Claroty Research - Team82"
}
],
"datePublic": "2024-09-21T04:09:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets. \u003c/span\u003e"
}
],
"value": "The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets."
}
],
"impacts": [
{
"capecId": "CAPEC-139",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-139: Relative Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24: Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T06:52:45.192Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMoxa has developed appropriate solutions to address vulnerability. The solutions for affected products are listed below.\u003c/p\u003e\u003cul\u003e\u003cli\u003eMXview One Series: Upgrade to the 1.4.1 version\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Moxa has developed appropriate solutions to address vulnerability. The solutions for affected products are listed below.\n\n * MXview One Series: Upgrade to the 1.4.1 version"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MXview One Series vulnerable to Path Traversal",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eMinimize network exposure to ensure the device is not accessible from the Internet.\u003c/li\u003e\u003cli\u003eIt is highly recommended to change the default credentials immediately upon your first login to the service. This helps enhance security and prevent unauthorized access.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* Minimize network exposure to ensure the device is not accessible from the Internet.\n * It is highly recommended to change the default credentials immediately upon your first login to the service. This helps enhance security and prevent unauthorized access."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2024-6786",
"datePublished": "2024-09-21T04:14:22.667Z",
"dateReserved": "2024-07-16T09:32:41.142Z",
"dateUpdated": "2024-09-26T06:52:45.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6746 (GCVE-0-2024-6746)
Vulnerability from cvelistv5 – Published: 2024-07-15 12:00 – Updated: 2024-08-01 21:41- CWE-24 - Path Traversal: '../filedir'
| URL | Tags |
|---|---|
| https://vuldb.com/?id.271477 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.271477 | signaturepermissions-required |
| https://vuldb.com/?submit.371998 | third-party-advisory |
| https://github.com/NaiboWang/EasySpider/issues/466 | exploitissue-tracking |
| Vendor | Product | Version | |
|---|---|---|---|
| NaiboWang | EasySpider |
Affected:
0.6.2
|
|
| naibowang | easyspider |
Affected:
0.6.2
cpe:2.3:a:naibowang:easyspider:0.6.2:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:naibowang:easyspider:0.6.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "easyspider",
"vendor": "naibowang",
"versions": [
{
"status": "affected",
"version": "0.6.2"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6746",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T13:46:31.555838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:48:01.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:41:04.556Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-271477 | NaiboWang EasySpider HTTP GET Request server.js path traversal",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.271477"
},
{
"name": "VDB-271477 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.271477"
},
{
"name": "Submit #371998 | NaiboWang EasySpider Version 0.6.2 Arbitrary File Read Vulnerability",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.371998"
},
{
"tags": [
"exploit",
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/NaiboWang/EasySpider/issues/466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP GET Request Handler"
],
"product": "EasySpider",
"vendor": "NaiboWang",
"versions": [
{
"status": "affected",
"version": "0.6.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "jiashenghe (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \\EasySpider\\resources\\app\\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: \u0027../filedir\u0027. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The identifier VDB-271477 was assigned to this vulnerability. NOTE: The code maintainer explains, that this is not a big issue \"because the default is that the software runs locally without going through the Internet\"."
},
{
"lang": "de",
"value": "In NaiboWang EasySpider 0.6.2 f\u00fcr Windows wurde eine problematische Schwachstelle entdeckt. Betroffen ist eine unbekannte Verarbeitung der Datei \\EasySpider\\resources\\app\\server.js der Komponente HTTP GET Request Handler. Durch Manipulieren mit der Eingabe /../../../../../../../../../Windows/win.ini mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T12:00:06.186Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-271477 | NaiboWang EasySpider HTTP GET Request server.js path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.271477"
},
{
"name": "VDB-271477 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.271477"
},
{
"name": "Submit #371998 | NaiboWang EasySpider Version 0.6.2 Arbitrary File Read Vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.371998"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/NaiboWang/EasySpider/issues/466"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-07-15T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-07-15T08:20:39.000Z",
"value": "VulDB entry last update"
}
],
"title": "NaiboWang EasySpider HTTP GET Request server.js path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-6746",
"datePublished": "2024-07-15T12:00:06.186Z",
"dateReserved": "2024-07-15T06:14:49.671Z",
"dateUpdated": "2024-08-01T21:41:04.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4790 (GCVE-0-2024-4790)
Vulnerability from cvelistv5 – Published: 2024-05-11 23:31 – Updated: 2024-08-01 20:55- CWE-24 - Path Traversal: '../filedir'
| URL | Tags |
|---|---|
| https://vuldb.com/?id.263889 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.263889 | signaturepermissions-required |
| https://vuldb.com/?submit.329483 | third-party-advisory |
| https://github.com/gatsby2003/DedeCms/blob/main/D… | broken-linkexploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:41:35.104031Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:41:44.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:55:09.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-263889 | DedeCMS path traversal",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.263889"
},
{
"name": "VDB-263889 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.263889"
},
{
"name": "Submit #329483 | https://www.dedecms.com/ dedecms V5.7.114 Directory traversal",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.329483"
},
{
"tags": [
"broken-link",
"exploit",
"x_transferred"
],
"url": "https://github.com/gatsby2003/DedeCms/blob/main/Directory_traversal_arbitrary_file_read.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DedeCMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.7.114"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "gatsby (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in DedeCMS 5.7.114. This affects an unknown part of the file /sys_verifies.php?action=view. The manipulation of the argument filename with the input ../../../../../etc/passwd leads to path traversal: \u0027../filedir\u0027. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263889 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in DedeCMS 5.7.114 entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /sys_verifies.php?action=view. Durch Beeinflussen des Arguments filename mit der Eingabe ../../../../../etc/passwd mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-11T23:31:03.662Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-263889 | DedeCMS path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.263889"
},
{
"name": "VDB-263889 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.263889"
},
{
"name": "Submit #329483 | https://www.dedecms.com/ dedecms V5.7.114 Directory traversal",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.329483"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/gatsby2003/DedeCms/blob/main/Directory_traversal_arbitrary_file_read.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-05-11T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-05-11T08:01:34.000Z",
"value": "VulDB entry last update"
}
],
"title": "DedeCMS path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-4790",
"datePublished": "2024-05-11T23:31:03.662Z",
"dateReserved": "2024-05-11T05:56:11.416Z",
"dateUpdated": "2024-08-01T20:55:09.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3686 (GCVE-0-2024-3686)
Vulnerability from cvelistv5 – Published: 2024-04-12 13:31 – Updated: 2024-08-15 15:44- CWE-24 - Path Traversal: '../filedir'
| URL | Tags |
|---|---|
| https://vuldb.com/?id.260473 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.260473 | signaturepermissions-required |
| https://vuldb.com/?submit.309454 | third-party-advisory |
| https://github.com/Echosssy/CVE/blob/main/Dedecms… | exploit |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:20:01.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-260473 | DedeCMS update_guide.php path traversal",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.260473"
},
{
"name": "VDB-260473 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.260473"
},
{
"name": "Submit #309454 | \u4e0a\u6d77\u5353\u5353\u7f51\u7edc\u79d1\u6280\u6709\u9650\u516c\u53f8 Dedecms DedeCMS-V5.7.112-UTF8 any file deleted",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.309454"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4%E7%BB%95%E8%BF%87.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dedecms",
"vendor": "dedecms",
"versions": [
{
"status": "affected",
"version": "5.7.112-utf8"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3686",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T15:42:10.032403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:44:09.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DedeCMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.7.112-UTF8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ting (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in DedeCMS 5.7.112-UTF8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file update_guide.php. The manipulation of the argument files leads to path traversal: \u0027../filedir\u0027. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260473 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In DedeCMS 5.7.112-UTF8 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei update_guide.php. Durch Manipulation des Arguments files mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T13:31:04.514Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-260473 | DedeCMS update_guide.php path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.260473"
},
{
"name": "VDB-260473 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.260473"
},
{
"name": "Submit #309454 | \u4e0a\u6d77\u5353\u5353\u7f51\u7edc\u79d1\u6280\u6709\u9650\u516c\u53f8 Dedecms DedeCMS-V5.7.112-UTF8 any file deleted",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.309454"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Echosssy/CVE/blob/main/Dedecms%E6%9C%80%E6%96%B0%E7%89%88%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4%E7%BB%95%E8%BF%87.pdf"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-12T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-12T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-12T08:45:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "DedeCMS update_guide.php path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3686",
"datePublished": "2024-04-12T13:31:04.514Z",
"dateReserved": "2024-04-12T06:40:40.895Z",
"dateUpdated": "2024-08-15T15:44:09.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3227 (GCVE-0-2024-3227)
Vulnerability from cvelistv5 – Published: 2024-04-03 02:31 – Updated: 2024-08-01 20:05- CWE-24 - Path Traversal: '../filedir'
| URL | Tags |
|---|---|
| https://vuldb.com/?id.259072 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.259072 | signaturepermissions-required |
| https://vuldb.com/?submit.308750 | third-party-advisory |
| https://github.com/garboa/cve_3/blob/main/upload.md | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Panwei | eoffice OA |
Affected:
9.0
Affected: 9.1 Affected: 9.2 Affected: 9.3 Affected: 9.4 Affected: 9.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3227",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-03T17:53:32.491219Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:24.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-259072 | Panwei eoffice OA Backend save_image.php path traversal",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.259072"
},
{
"name": "VDB-259072 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.259072"
},
{
"name": "Submit #308750 | Panwei Network Technology Co., Ltd. eoffice v9.5 files upload",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.308750"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/garboa/cve_3/blob/main/upload.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Backend"
],
"product": "eoffice OA",
"vendor": "Panwei",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.1"
},
{
"status": "affected",
"version": "9.2"
},
{
"status": "affected",
"version": "9.3"
},
{
"status": "affected",
"version": "9.4"
},
{
"status": "affected",
"version": "9.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Guo Jiabao (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/theme_set/save_image.php of the component Backend. The manipulation of the argument image_type leads to path traversal: \u0027../filedir\u0027. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259072."
},
{
"lang": "de",
"value": "In Panwei eoffice OA bis 9.5 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /general/system/interface/theme_set/save_image.php der Komponente Backend. Dank der Manipulation des Arguments image_type mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-03T02:31:04.531Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-259072 | Panwei eoffice OA Backend save_image.php path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.259072"
},
{
"name": "VDB-259072 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.259072"
},
{
"name": "Submit #308750 | Panwei Network Technology Co., Ltd. eoffice v9.5 files upload",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.308750"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/garboa/cve_3/blob/main/upload.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-02T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-02T20:19:50.000Z",
"value": "VulDB entry last update"
}
],
"title": "Panwei eoffice OA Backend save_image.php path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3227",
"datePublished": "2024-04-03T02:31:04.531Z",
"dateReserved": "2024-04-02T18:14:44.847Z",
"dateUpdated": "2024-08-01T20:05:08.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3218 (GCVE-0-2024-3218)
Vulnerability from cvelistv5 – Published: 2024-04-02 23:31 – Updated: 2024-08-01 20:05- CWE-24 - Path Traversal: '../filedir'
| URL | Tags |
|---|---|
| https://vuldb.com/?id.259065 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.259065 | signaturepermissions-required |
| https://vuldb.com/?submit.308510 | third-party-advisory |
| https://github.com/garboa/cve_3/blob/main/file_pu… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Shibang Communications | IP Network Intercom Broadcasting System |
Affected:
1.0
|
|
| shibangcommunications | ip_network_intercom_broadcasting_system |
Affected:
1.0
cpe:2.3:a:shibangcommunications:ip_network_intercom_broadcasting_system:1.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shibangcommunications:ip_network_intercom_broadcasting_system:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip_network_intercom_broadcasting_system",
"vendor": "shibangcommunications",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3218",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T19:45:53.673376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T19:53:40.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-259065 | Shibang Communications IP Network Intercom Broadcasting System busyscreenshotpush.php path traversal",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.259065"
},
{
"name": "VDB-259065 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.259065"
},
{
"name": "Submit #308510 | Shibang Communications Co., Ltd. IP network intercom broadcasting system v1.0 Write any file",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.308510"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/garboa/cve_3/blob/main/file_put_content.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IP Network Intercom Broadcasting System",
"vendor": "Shibang Communications",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Guo Jiabao (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Shibang Communications IP Network Intercom Broadcasting System 1.0. This affects an unknown part of the file /php/busyscreenshotpush.php. The manipulation of the argument jsondata[callee]/jsondata[imagename] leads to path traversal: \u0027../filedir\u0027. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259065 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Shibang Communications IP Network Intercom Broadcasting System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /php/busyscreenshotpush.php. Durch Manipulation des Arguments jsondata[callee]/jsondata[imagename] mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.5,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T23:31:04.891Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-259065 | Shibang Communications IP Network Intercom Broadcasting System busyscreenshotpush.php path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.259065"
},
{
"name": "VDB-259065 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.259065"
},
{
"name": "Submit #308510 | Shibang Communications Co., Ltd. IP network intercom broadcasting system v1.0 Write any file",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.308510"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/garboa/cve_3/blob/main/file_put_content.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-02T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-02T20:08:47.000Z",
"value": "VulDB entry last update"
}
],
"title": "Shibang Communications IP Network Intercom Broadcasting System busyscreenshotpush.php path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3218",
"datePublished": "2024-04-02T23:31:04.891Z",
"dateReserved": "2024-04-02T18:03:21.404Z",
"dateUpdated": "2024-08-01T20:05:08.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-5.1
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
- Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, if "../" sequences are removed from the ".../...//" string in a sequential fashion, two instances of "../" would be removed from the original string, but the remaining characters would still form the "../" string.
Mitigation MIT-20
Strategy: Input Validation
Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
No CAPEC attack patterns related to this CWE.