Exploit
CVE-2023-52076

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Published: Jan 25, 2024 / Updated: 9mo ago

010
CVSS 7.8EPSS 0.15%High
CVE info copied to clipboard

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. Version 1.26.2 of Atril contains a patch for this vulnerability.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2023-52076. See article

Jan 19, 2024 at 9:04 AM / Vulnerability Archives • Penetration Testing
Exploitation in the Wild

Attacks in the wild have been reported by Bad Sector Labs Blog. See article

Jan 24, 2024 at 6:41 AM / Bad Sector Labs Blog
CVE Assignment

NVD published the first details for CVE-2023-52076

Jan 25, 2024 at 8:15 AM
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Jan 25, 2024 at 4:02 PM
EPSS

EPSS Score was set to: 0.15% (Percentile: 50.5%)

Jan 31, 2024 at 7:29 PM
Proof of Concept (PoC) Released

A proof of concept exploit has been released

Feb 2, 2024 at 12:10 PM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (190808)

Feb 20, 2024 at 6:15 PM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (6000627)

May 13, 2024 at 7:53 AM
CVSS

A CVSS base score of 7.8 has been assigned.

Jun 15, 2024 at 4:20 AM / nvd
Static CVE Timeline Graph

Affected Systems

Mate-desktop/atril
+null more

Exploits

https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37
+null more

Patches

github.com
+null more

Attack Patterns

CAPEC-126: Path Traversal
+null more

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:None
User Interaction:Required
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI