CVE-2024-9142

External Control of File Name or Path (CWE-73)

Published: Sep 25, 2024 / Updated: 56d ago

CVSS 9.4 | EPSS 0.04% | Critical

Summary

An External Control of File Name or Path (CWE-73) and Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows an attacker to manipulate web input that reaches file system calls. This issue affects e-Belediye versions before 2.0.642.

Impact

This vulnerability is rated Critical, with a CVSS v3.1 base score of 9.8 and a CVSS v4.0 base score of 9.4. All three impact metrics are High:
1. Confidentiality: an attacker who controls the file path can read files the application process is able to reach, not only those it was meant to serve.
2. Integrity: the same control over paths, combined with the incorrect permission assignment on critical resources, can allow files to be written or replaced.
3. Availability: overwriting or removing files the application depends on can disrupt the service.
Both vectors agree that the issue is reachable over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). They disagree on privileges: the v3.1 vector scores PR:N (no authentication) while the v4.0 vector scores PR:L (a low-privileged account), so defenders should plan for unauthenticated reach. Whether control of a file path escalates from file read/write to code execution depends on which files the application can write and how the server consumes them; the advisory itself only establishes file access and manipulation.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the time of writing. The EPSS score of 0.04% (9.6th percentile) is consistent with that.

Patch

A patch is available. The vulnerability affects e-Belediye versions before 2.0.642. To mitigate this issue, it is crucial to upgrade to version 2.0.642 or later.

Mitigation

1. Immediate patching: update e-Belediye to version 2.0.642 or later as soon as possible.
2. Access control: make sure the account the application runs as can write only to the directories it actually needs, and that files it creates are not world-readable, world-writable or executable.
3. Input validation: treat every request parameter that ends up in a file system call as hostile. Decode it once, reject path separators and parent-directory references, canonicalize the result and confirm it is still inside the intended directory before opening it; allowlist the permitted file types.
4. Network segmentation: limit who can reach the e-Belediye application, in particular any administrative or file-handling endpoints, to reduce the attack surface.
5. Monitoring: log requests to file-serving endpoints and alert on traversal sequences in their parameters, including URL-encoded and double-encoded forms, and on the application process opening files outside its content directories.
6. Regular security audits: review other file-handling code paths for the same pattern, since the advisory describes a class of bug rather than a single input.
7. Principle of least privilege: run the application with the minimum file system and operating system permissions it needs, so that a successful path manipulation exposes as little as possible.
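Items 2 and 3 above describe the two halves of the advisory: a request parameter that controls a file path (CWE-73) and files created with the wrong permissions. The following is an added example of the anti-pattern beside a hardened form; it is not code from e-Belediye, whose implementation is not public, and the directory layout, the allow-listed extensions and the attack inputs are constructed assumptions.

```python
"""Safe handling of a user-supplied file name for a download/upload endpoint.

Added example for the CWE-73 / incorrect-permission pattern on this page.
Nothing here is vendor code; the directory names, the allow-listed
extensions and the attack inputs in demo() are constructed for illustration.
"""
import os
import pathlib
import tempfile
from urllib.parse import unquote

ALLOWED_SUFFIXES = {".pdf", ".jpg", ".png"}  # assumption: what the endpoint serves


def vulnerable_resolve(base_dir: str, user_name: str) -> str:
    """The CWE-73 anti-pattern: the request parameter is joined and used as-is.
    os.path.join discards base_dir entirely when user_name is absolute, and
    '../' segments walk out of it."""
    return os.path.join(base_dir, unquote(user_name))


def safe_resolve(base_dir: str, user_name: str) -> pathlib.Path:
    """Canonicalise both sides and refuse anything that escapes base_dir."""
    # Decode exactly once, as the web framework would, so "%2e%2e%2f" is not
    # inspected in encoded form and decoded later by the file system layer.
    name = unquote(user_name)
    if "\x00" in name:
        raise ValueError("NUL byte in file name")
    # Accept a bare file name only: no separators, no parent references.
    if name in ("", ".", "..") or "/" in name or "\\" in name:
        raise ValueError("path separators are not allowed")
    root = pathlib.Path(base_dir).resolve()
    candidate = (root / name).resolve()  # resolve() also follows symlinks
    if candidate.parent != root:
        raise ValueError("path escapes the allowed directory")
    if candidate.suffix.lower() not in ALLOWED_SUFFIXES:
        raise ValueError("file type not permitted")
    return candidate


def safe_create(base_dir: str, user_name: str, data: bytes) -> pathlib.Path:
    """Create the file owner-read/write only, refusing to overwrite an
    existing file or follow a pre-planted symlink (the permission half)."""
    target = safe_resolve(base_dir, user_name)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
    flags |= getattr(os, "O_NOFOLLOW", 0)  # not available on Windows
    fd = os.open(target, flags, 0o600)  # mode is applied at creation (minus umask)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


def demo() -> dict:
    """Run constructed attack inputs against both resolvers in a scratch dir."""
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "uploads")
        os.mkdir(base)
        inputs = [
            "report.pdf",                 # benign
            "../../etc/passwd",           # plain traversal
            "..%2F..%2Fetc%2Fpasswd",     # URL-encoded traversal
            "/etc/passwd",                # absolute path, defeats os.path.join
            "report.pdf%00.txt",          # NUL truncation attempt
        ]
        # A symlink planted inside the content directory that points outside it.
        secret = pathlib.Path(tmp, "secret.pdf")
        secret.write_text("not for download")
        try:
            os.symlink(secret, os.path.join(base, "link.pdf"))
            inputs.append("link.pdf")
        except (OSError, NotImplementedError):
            pass  # symlinks unavailable on this platform
        vulnerable = {i: vulnerable_resolve(base, i) for i in inputs}
        safe = {}
        for i in inputs:
            try:
                safe_resolve(base, i)
                safe[i] = "accepted"
            except ValueError as exc:
                safe[i] = f"rejected: {exc}"
        created = safe_create(base, "report.pdf", b"%PDF-1.4")
        mode = oct(created.stat().st_mode & 0o777)
        return {"vulnerable": vulnerable, "safe": safe, "mode": mode}


if __name__ == "__main__":
    for section, values in demo().items():
        print(section, values)
```

Checking `candidate.parent != root` after `resolve()` on both sides is what makes the symlink case fail closed: a startswith() check on the unresolved string would accept `uploads/link.pdf` and then open the file it points to. `O_EXCL` plus `O_NOFOLLOW` covers the write side in the same way.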
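For item 5 (monitoring), the following is an added example of detection logic run over constructed web server access-log lines; it is not a vendor-supplied rule, and the endpoint and parameter names (`/dosya/indir`, `dosya`, `hedef`) are assumptions, since e-Belediye's real routes are not described on this page. It normalizes each file-name parameter (repeated URL decoding, backslash folding) before matching, which is what catches the double-encoded variant that a naive `../` string match misses.

```python
"""Flag requests whose file-name parameters carry traversal or absolute-path
indicators. Added example; the combined-log format and the sample lines are
constructed, and the endpoint/parameter names are assumptions."""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)
TRAVERSAL = re.compile(r"(^|/)\.\.(/|$)")      # applied after normalisation
ABSOLUTE = re.compile(r"^(?:/|[A-Za-z]:/)")     # POSIX root or Windows drive


def normalize(value: str, rounds: int = 3) -> str:
    """Decode repeatedly (double encoding is the classic filter bypass),
    fold backslashes to slashes, drop NUL bytes, collapse duplicate slashes."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    value = value.replace("\\", "/").replace("\x00", "")
    return re.sub(r"/{2,}", "/", value)


def suspicious_values(target: str):
    """Yield (where, raw, normalized, reason) for each dangerous component."""
    parts = urlsplit(target)
    for key, raw in parse_qsl(parts.query, keep_blank_values=True):
        norm = normalize(raw)
        if TRAVERSAL.search(norm):
            yield key, raw, norm, "traversal"
        elif ABSOLUTE.match(norm):
            yield key, raw, norm, "absolute-path"
    norm_path = normalize(parts.path)
    if TRAVERSAL.search(norm_path):
        yield "<path>", parts.path, norm_path, "traversal"


def scan(lines):
    """Return one alert dict per suspicious component found in the log."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        for key, raw, norm, reason in suspicious_values(m["target"]):
            alerts.append({"ip": m["ip"], "status": int(m["status"]),
                           "param": key, "raw": raw, "normalized": norm,
                           "reason": reason})
    return alerts


# Constructed sample log: one benign request, then four that should alert.
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Sep/2024:10:15:01 +0300] "GET /dosya/indir?dosya=belge.pdf HTTP/1.1" 200 5120',
    '203.0.113.5 - - [25/Sep/2024:10:15:07 +0300] "GET /dosya/indir?dosya=../../../etc/passwd HTTP/1.1" 200 2310',
    '198.51.100.9 - - [25/Sep/2024:10:16:42 +0300] "GET /dosya/indir?dosya=..%252F..%252Fweb.config HTTP/1.1" 500 0',
    '198.51.100.9 - - [25/Sep/2024:10:17:03 +0300] "POST /dosya/yukle?hedef=C:%5CWindows%5Cwin.ini HTTP/1.1" 302 0',
    '192.0.2.44 - - [25/Sep/2024:10:18:11 +0300] "GET /static/..%2f..%2fappsettings.json HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

When triaging, a traversal request answered with HTTP 200 (the second sample line) deserves priority over one that produced a 404 or 500, because it indicates the file was actually served; the `status` field is kept in the alert for that reason.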

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

CVE Assignment

NVD published the first details for CVE-2024-9142

Sep 25, 2024 at 1:15 AM
First Article

Feedly found the first article mentioning CVE-2024-9142.

Sep 25, 2024 at 1:24 AM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 25, 2024 at 1:24 AM
CVSS

A CVSS base score of 9.8 has been assigned.

Sep 25, 2024 at 1:41 AM / nvd
EPSS

EPSS Score was set to: 0.04% (Percentile: 9.6%)

Sep 25, 2024 at 10:26 AM
Threat Intelligence Report

CVE-2024-9142 is a critical vulnerability in e-Belediye, with a CVSS score of 10.0, that allows external manipulation of file paths, resulting in incorrect permission assignments for critical resources in Olgu Computer Systems. The provided information does not indicate whether the vulnerability is being exploited in the wild, nor does it mention any proof-of-concept exploits, mitigations, detections, or patches available. Additionally, there is no information regarding potential downstream impacts on other third-party vendors or technologies.

Sep 27, 2024 at 5:36 AM

Affected Systems

Eskom/e-belediye

Links to Mitre Att&cks

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-13: Subverting Environment Variable Values

References

@RISK: The Consensus Security Vulnerability Alert: Vol. 24, Num. 38 - SANS Institute
Product: Apache HugeGraph-Server CVSS Score: 0 ** KEV since 2024-09-18 ** NVD: ISC Podcast: CVE-2024-7120 - Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90 are vulnerable to critical os command injection via manipulation of the argument template in the Web Interface component's list_base_config.php file, allowing for remote attacks with publicly disclosed exploit potential (VDB-272451). Product: Ivanti Endpoint Manager Cloud Services Appliance CVSS Score: 9.1 ** KEV since 2024-09-19 ** NVD: ISC Podcast: NVD References: CVE-2024-9043 - Cellopoint's Secure Email Gateway is vulnerable to buffer overflow in authentication allowing remote attackers to crash the process and gain admin privileges.

News

Vulnerability Summary for the Week of September 23, 2024
High Vulnerabilities (Primary Vendor -- Product | Description | Published | CVSS Score | Source Info | Patch Info)

Dover Fueling Solutions (DFS) -- ProGauge MAGLINK LX CONSOLE | A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands. | 2024-09-25 | 10 | CVE-2024-43693 | ics-cert@hq.dhs.gov
Dover Fueling Solutions (DFS) -- ProGauge MAGLINK LX CONSOLE | A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands. | 2024-09-25 | 10 | CVE-2024-45066 | ics-cert@hq.dhs.gov
webdevmattcrom -- GiveWP Donation Plugin and Fundraising Platform | The GiveWP - Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'give_title' and 'card_address'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files and achieve remote code execution. This is essentially the same vulnerability as CVE-2024-5932; however, it was discovered that the presence of stripslashes_deep on user_info allows the is_serialized check to be bypassed. This issue was mostly patched in 3.16.1, but further hardening was added in 3.16.2. | 2024-09-28 | 10 | CVE-2024-8353 | security@wordfence.com
Scriptcase -- Scriptcase | Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload of a file via /scriptcase/devel/lib/third/jquery_plugin/jQuery-File-Upload/server/php/ via a POST request. An attacker could upload malicious files to the server due to the application not properly verifying user input. | 2024-09-25 | 10 | CVE-2024-8940 | cve-coordination@incibe.es
n/a -- n/a | File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the image upload feature when customizing a shop.
CVE-2024-9142
Critical Severity Description External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls.This issue affects e-Belediye: before 2.0.642. Read more at https://www.tenable.com/cve/CVE-2024-9142
NA - CVE-2024-9142 - External Control of File Name or Path, :...
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System...

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
