Platform
python
Component
opencti
Fixed in
3.3.2
CVE-2020-37041 is a path traversal vulnerability in OpenCTI version 3.3.1. It allows an unauthenticated attacker to read files from the server's filesystem by sending a GET request to the /static/css endpoint whose path contains traversal sequences such as ../. The issue is fixed in version 3.3.2.
The primary impact is unauthorized read access to files on the server. The traversal lets an attacker read files outside the intended static directory with the permissions of the OpenCTI process: configuration files (which may hold database or API credentials), source code, or system files such as /etc/passwd on Linux. The flaw itself is read-only, but credentials recovered this way can be reused against the database, message broker or other services, so it can be the first step of a wider compromise. Exploitation requires a single crafted HTTP request and no authentication, which makes it trivial to automate.
CVE-2020-37041 was publicly disclosed on 2026-01-30. There is no indication of active exploitation in the wild, and it is not listed in the CISA KEV catalog. Because the attack is a single HTTP request, public proof-of-concept code is likely to exist or to be trivial to write, so the absence of a KEV entry should not be read as low risk.
Organizations running OpenCTI 3.3.1 are at risk, especially where the instance is reachable from the internet or has no network access controls in front of it. Deployments where OpenCTI shares a host with other applications are exposed further, because any file readable by the OpenCTI process, including the other applications' configuration and secrets, can be read through the traversal.
• linux / server:
journalctl -u opencti | grep -i "path traversal"
(this only finds anything if a WAF or the application itself logs that phrase; the reliable source is the web server or reverse proxy access log, filtered for /static/css/ requests containing ../ or its encoded forms such as %2e%2e and ..%2f)
• generic web:
curl --path-as-is -s -o /dev/null -w '%{http_code}\n' 'http://<opencti_server>/static/css//../../../../../../../../etc/passwd'
(--path-as-is is required: without it curl collapses the ../ segments client-side before sending the request and the test proves nothing. A 200 means the file was served; anything else means the traversal was rejected. The earlier form of this check, curl -I ... | grep 'HTTP/1.1 200 OK', also fails on HTTP/2 responses and on servers that handle HEAD differently from GET.)
Disclosure
Exploit status
EPSS
0.34% (56th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2020-37041 is upgrading OpenCTI to 3.3.2 or later, the version in which the issue is fixed. Until the upgrade is done, a Web Application Firewall (WAF) rule that blocks requests to /static/css/ containing path traversal sequences is a reasonable stopgap; the rule must match on the decoded and normalized path, not only on the literal string '../', because ..%2f, %2e%2e and double-encoded variants resolve to the same thing. Restrict access to the /static/ directory to the files it is meant to serve, and monitor access logs for requests to /static/css/ that contain traversal sequences. After applying mitigations, verify the fix by requesting a file outside the static directory through /static/css/ (with curl's --path-as-is so the client does not collapse the sequences); the request must not return the file.
Update OpenCTI to a version later than 3.3.1 that fixes the path traversal vulnerability. Check the vendor's website for the latest version and upgrade instructions.
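The following is an added example, not OpenCTI's own code, that implements the access-log check from the detection section and illustrates the WAF caveat from the mitigation paragraph. It parses combined-format access log lines (constructed here for the example, with documentation-range IPs), resolves each /static/ request path the way a naive static-file handler would (percent-decoding twice, collapsing '.' and '..' segments), and reports requests whose resolved path leaves /static/. It also records whether a rule that only matches the literal string '../' would have caught each request, which shows that encoded traversals bypass such a rule. The log format, the /static/ base path and the sample requests are assumptions of the example.

```python
"""Added example (not OpenCTI code): find path-traversal attempts against
/static/ in web server access logs and show why a WAF rule matching only
the literal '../' is insufficient. Log lines below are constructed."""
import posixpath
import re
from urllib.parse import unquote

# Constructed sample access log in combined log format. Not real OpenCTI output.
SAMPLE_LOG = """\
10.0.0.5 - - [30/Jan/2026:10:00:01 +0000] "GET /static/css/main.css HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [30/Jan/2026:10:00:02 +0000] "GET /static/css//../../../../../../../../etc/passwd HTTP/1.1" 200 1403 "-" "curl/8.4.0"
203.0.113.7 - - [30/Jan/2026:10:00:03 +0000] "GET /static/css/..%2f..%2f..%2fetc/passwd HTTP/1.1" 200 1403 "-" "curl/8.4.0"
203.0.113.9 - - [30/Jan/2026:10:00:04 +0000] "GET /static/css/%2e%2e/%2e%2e/config/default.json HTTP/1.1" 404 150 "-" "python-requests/2.31"
10.0.0.6 - - [30/Jan/2026:10:00:05 +0000] "GET /static/css/../js/app.js HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

# Combined log format: ip ident user [time] "method path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) '
)


def resolve_path(raw_path):
    """Reduce a request path to what a naive static-file handler would open.

    Percent-decoding is applied twice so double-encoded dots (%252e) are
    caught as well; the query string is dropped; '.' and '..' segments and
    repeated slashes are collapsed by posixpath.normpath."""
    decoded = unquote(unquote(raw_path.split('?', 1)[0]))
    return posixpath.normpath(decoded)


def naive_waf_matches(raw_path):
    """The rule many WAF snippets use: block if the raw path contains '../'.
    It never sees the decoded form, so encoded variants slip past it."""
    return '../' in raw_path


def find_traversal(log_text, base='/static/'):
    """Return one finding per request under `base` whose resolved path leaves
    `base`. Requests that stay inside (e.g. /static/css/../js/app.js) are
    ordinary relative references and are not reported."""
    findings = []
    inside = base.rstrip('/')
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not m.group('path').startswith(base):
            continue
        raw = m.group('path')
        resolved = resolve_path(raw)
        if resolved == inside or resolved.startswith(base):
            continue
        findings.append({
            'ip': m.group('ip'),
            'raw': raw,
            'resolved': resolved,
            'status': int(m.group('status')),
            # a 200 for a path outside the static tree means the file was served
            'likely_success': m.group('status') == '200',
            'caught_by_naive_waf': naive_waf_matches(raw),
        })
    return findings


if __name__ == '__main__':
    for f in find_traversal(SAMPLE_LOG):
        print(f"{f['ip']:<14} {f['status']} {f['raw']} -> {f['resolved']}"
              f"  naive-WAF:{'hit' if f['caught_by_naive_waf'] else 'MISS'}")
```

Run against the constructed log, three requests are reported as leaving /static/, two of them with status 200, and only the first (the one using a literal ../) would have been stopped by a rule that inspects the raw path; the ..%2f and %2e%2e forms resolve to the same /etc/passwd and /config/default.json targets. A WAF rule, like this script, has to decode and normalize before matching.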
CVE-2020-37041 is a vulnerability allowing unauthenticated attackers to read arbitrary files on an OpenCTI server running version 3.3.1 via the /static/css endpoint.
If you are running OpenCTI version 3.3.1, you are potentially affected by this vulnerability. Check your OpenCTI deployment immediately.
Upgrade OpenCTI to 3.3.2 or later. Consult the official OpenCTI security advisories for the latest recommended version.
While no active exploitation campaigns have been publicly reported, the ease of exploitation makes it a potential target. Proactive mitigation is recommended.
Refer to the OpenCTI security advisories on their official website or GitHub repository for the latest information and updates regarding this vulnerability.