CVE-2024-49380

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)

Published: Oct 25, 2024 / Updated: 25d ago

CVSS 8.9 / EPSS 0.05% / High

Summary

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable when a Plenti user serves their website. This issue may lead to Remote Code Execution.

Impact

This vulnerability allows attackers to write arbitrary files on the system where Plenti is serving a website. The impact is severe as it can lead to Remote Code Execution (RCE). An attacker could potentially gain unauthorized access to the system, execute malicious code, modify or delete files, and potentially pivot to other parts of the network. The vulnerability affects the confidentiality, integrity, and availability of the system, with all these aspects rated as "HIGH" in the CVSS score. The CVSS v4 base score is 8.9, indicating a HIGH severity.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

A patch is available. Version 0.7.2 of Plenti fixes the vulnerability.

Mitigation

1. Upgrade Plenti to version 0.7.2 or later immediately.
2. If immediate upgrade is not possible, consider temporarily disabling the `/postLocal` endpoint or restricting access to it.
3. Monitor for any suspicious activities or unauthorized file changes on systems running Plenti.
4. Implement network segmentation to limit the potential impact if exploitation occurs.
5. Regularly audit and review file integrity on systems running Plenti.
6. Apply the principle of least privilege to limit potential damage from exploitation.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-49380.

Oct 25, 2024 at 1:16 PM / CVE

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 25, 2024 at 1:17 PM

CVE Assignment

NVD published the first details for CVE-2024-49380

Oct 25, 2024 at 2:15 PM

CVSS

A CVSS base score of 8.9 has been assigned.

Oct 25, 2024 at 2:21 PM / nvd

EPSS

EPSS Score was set to: 0.05% (Percentile: 17.3%)

Oct 26, 2024 at 10:50 AM

Vendor Advisory

GitHub Advisories released a security advisory.

Oct 31, 2024 at 9:48 PM

Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (757378)

Nov 5, 2024 at 7:53 AM

Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (210390)

Nov 6, 2024 at 12:15 PM

Affected Systems

Github/github

Patches

Github Advisory

Links to MITRE ATT&CK

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables

Vendor Advisory

[GHSA-2p96-p7qh-4rgr] Plenti arbitrary file write vulnerability
GitHub Security Advisory: GHSA-2p96-p7qh-4rgr
Release Date: 2024-10-31
Update Date: 2024-10-31
Severity: High
CVE-2024-49380

Package Information
Package: github.com/plentico/plenti
Affected Versions:
Patched Versions: 0.7.2

Description
Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution.

News

SUSE SLES15 / openSUSE 15 Security Update : govulncheck-vulndb (SUSE-SU-2024:3911-1)
The remote SUSE host is missing one or more security updates. The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3911-1 advisory.
suse_linux SUSE-SU-2024:3911-1: SUSE SLES15 / openSUSE 15 : Security update for govulncheck-vulndb (Important) (SUSE-SU-2024:3911-1)
Testing Last Updated: 11/6/2024 CVEs: CVE-2024-49757 , CVE-2024-47182 , CVE-2024-8037 , CVE-2024-47827 , CVE-2024-8996 , CVE-2024-9264 , CVE-2024-47003 , CVE-2024-33662 , CVE-2024-47067 , CVE-2024-9180 , CVE-2024-49753 , CVE-2024-8038 , CVE-2024-9407 , CVE-2024-48921 , CVE-2024-47877 , CVE-2024-10214 , CVE-2023-32197 , CVE-2024-47832 , CVE-2024-8901 , CVE-2024-39223 , CVE-2024-9355 , CVE-2024-9313 , CVE-2024-8975 , CVE-2024-9341 , CVE-2024-36814 , CVE-2024-49381 , CVE-2024-22036 , CVE-2024-9486 , CVE-2024-47825 , CVE-2024-7558 , CVE-2023-22644 , CVE-2024-9594 , CVE-2024-47616 , CVE-2024-10241 , CVE-2024-49380 , CVE-2022-45157 , CVE-2024-38365 , CVE-2024-47534 , CVE-2024-48909 , CVE-2024-9312 , CVE-2024-7594 , CVE-2024-22030 , CVE-2024-9675 , CVE-2024-50312
Security: Multiple issues in govulncheck-vulndb (SUSE)
* SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE: 2024:3911-1 important: govulncheck-vulndb Security Advisory Updates
* jsc#PED-11136 Cross-References: * CVE-2022-45157 * CVE-2023-22644
openSUSE: 2024:3911-1: important: govulncheck-vulndb Security Advisory Update
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241030T212825 2024-10-30T21:28:25Z ( jsc#PED-11136 )

CVSS V3.1

Unknown
