Exploit
CVE-2024-47769

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Published: Oct 4, 2024 / Updated: 46d ago

CVSS 7.5 / EPSS 0.04% / Severity: High

Summary

IDURAR, an open source ERP CRM accounting invoicing software, contains a vulnerability in the corePublicRouter.js file. The public endpoint is accessible to unauthenticated users, and user input is directly appended to the join statement without proper validation. This allows attackers to send URL encoded malicious payloads. By adding an encoded string at the subpath location, an attacker can escape the directory structure and read system files.

Impact

This vulnerability allows unauthorized access to sensitive system files, potentially leading to information disclosure. An attacker can exploit this flaw to read confidential data, which could include system configurations, user information, or other critical files. The impact is severe as it compromises the confidentiality of the system without requiring user interaction or elevated privileges.

Exploitation

One proof-of-concept exploit is available on github.com. There is no evidence of exploitation in the wild at the moment.

Patch

A patch is available. The vulnerability has been addressed in a commit on GitHub, and a security advisory has been published. Users should update to a version newer than 4.1.0 to mitigate this vulnerability.

Mitigation

1. Update IDURAR to a version newer than 4.1.0.
2. If immediate updating is not possible, implement strict input validation and sanitization for all user inputs, especially those used in file path operations.
3. Apply the principle of least privilege to limit access to sensitive system files.
4. Consider implementing additional security measures such as Web Application Firewalls (WAF) to filter malicious requests.
5. Regularly monitor and audit system logs for any suspicious file access attempts.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Timeline

CVE Assignment

NVD published the first details for CVE-2024-47769

Oct 4, 2024 at 3:15 PM
CVSS

A CVSS base score of 7.5 has been assigned.

Oct 4, 2024 at 3:21 PM / nvd
First Article

Feedly found the first article mentioning CVE-2024-47769. See article

Oct 4, 2024 at 3:21 PM / National Vulnerability Database
Threat Intelligence Report

CVE-2024-47769 is a critical vulnerability in IDURAR's open source ERP CRM software, where an unauthenticated user can exploit the corePublicRouter.js file to append malicious payloads to SQL join statements, potentially allowing access to system files. The article does not provide information on a CVSS score, exploitation in the wild, proof-of-concept exploits, or available mitigations and patches. Additionally, there is no mention of downstream impacts to other third-party vendors or technologies. See article

Oct 4, 2024 at 3:21 PM
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Oct 4, 2024 at 3:22 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 11.2%)

Oct 5, 2024 at 10:04 AM
Proof of Concept (PoC) Released

A proof of concept exploit has been released

Nov 13, 2024 at 6:11 PM

Affected Systems

Idurarapp/idurar

Exploits

https://github.com/idurar/idurar-erp-crm/security/advisories/GHSA-948g-2vm7-mfv7

Patches

github.com

Attack Patterns

CAPEC-126: Path Traversal

References

CVE-2024-47769 (Tenable, High severity): IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is accessible to an unauthenticated user. The user's input is directly appended to the join statement without additional checks. This allows an attacker to send URL encoded malicious payload. The directory structure can be escaped to read system files by adding an encoded string (payload) at subpath location. Read more at https://www.tenable.com/cve/CVE-2024-47769
CVE-2024-47769: IDURAR has a Path Traversal (unauthenticated user can read sensitive data) (repeats the description above)
CVE-2024-47769 (repeats the description above)

News

CVE-2024-47769 Exploit: CVE Id: CVE-2024-47769. Published Date: 2024-11-13T15:12:00+00:00. Description as in the references above. inTheWild added a link to an exploit: https://github.com/idurar/idurar-erp-crm/security/advisories/GHSA-948g-2vm7-mfv7
CVE Alert: CVE-2024-47769 (excerpt of the description above)
CVE-2024-47769: Severity 3.1 (CVSS 3.1 Base Score) (excerpt of the description above)
NA - CVE-2024-47769 - IDURAR is open source ERP CRM accounting... (excerpt of the description above)
CVE-2024-47769 (Tenable, High severity; repeats the description above)

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability Impact: None
