Platform: python
Component: mss
Fixed in: 5.0.1
CVE-2024-25123 describes a path manipulation vulnerability discovered in the Mission Support System (MSS), an open-source package for planning atmospheric research flights. This flaw allows attackers to potentially access sensitive information by manipulating file paths within the index.py file. The vulnerability affects versions 5.0.0 through 8.3.2, and a fix is available in version 8.3.3.
The vulnerability lies in the _file method within index.py, where the filename route parameter is used to construct file paths. Attackers can exploit this by injecting path traversal sequences (e.g., ../) into the filename parameter, effectively navigating outside the intended directory and accessing arbitrary files on the system. The potential impact includes unauthorized access to configuration files, source code, or other sensitive data stored on the server. While the description doesn't specify the exact data at risk, the ability to read arbitrary files represents a significant security concern, potentially leading to further compromise of the system.
This vulnerability was publicly disclosed on February 15, 2024. There is currently no indication of active exploitation or inclusion in the CISA KEV catalog. Public proof-of-concept (POC) code is not yet widely available, but the vulnerability's nature makes it relatively straightforward to exploit, increasing the likelihood of future exploitation attempts. The vulnerability's simplicity and the widespread use of Python in research environments could make it an attractive target for attackers.
Organizations and researchers utilizing the Mission Support System for atmospheric flight planning are at risk. Specifically, deployments using older versions (5.0.0 through 8.3.2) are vulnerable. Those running the MSS in environments with limited access controls or where sensitive data is stored in accessible locations are at higher risk.
• python / application:
```python
import requests

url = 'http://target/index?file=../../../../etc/passwd'  # Example path traversal attempt
response = requests.get(url, timeout=10)
# A passwd entry in the body means the request read a file outside the served directory
if 'root:' in response.text:
    print('Potential vulnerability detected!')
```
• generic web:
```sh
curl 'http://target/index?file=../../../../etc/passwd' > output.txt && grep 'root:' output.txt
```
Exploit status
EPSS
0.22% (44th percentile)
CVSS vector
The primary mitigation for CVE-2024-25123 is to upgrade to version 8.3.3 of the Mission Support System. This version includes a fix that prevents the path manipulation vulnerability. If upgrading immediately is not feasible, consider implementing input validation on the filename parameter to sanitize user-provided input and prevent the injection of path traversal sequences. Web application firewalls (WAFs) configured to detect and block path traversal attempts can also provide an additional layer of defense. After upgrading, confirm the fix by attempting to access files outside the intended directory using crafted filename parameters; the request should be denied.
Upgrade the MSS package to version 8.3.3 or later. This fixes the path manipulation vulnerability. You can upgrade using `pip install --upgrade mss`.
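The input validation workaround mentioned above, sketched as an added example (not code from the MSS project or its fix): a containment check that resolves the requested name and rejects anything landing outside the served directory. The names `safe_resolve`, `naive_join` and `UnsafePath` and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

class UnsafePath(ValueError):
    """Requested name resolves outside the served directory."""

def naive_join(base_dir, filename):
    # Pattern behind this class of bug: the parameter goes straight into the path.
    return os.path.normpath(os.path.join(base_dir, filename))

def safe_resolve(base_dir, filename):
    """Return the real path of filename under base_dir, or raise UnsafePath."""
    if "\x00" in filename:
        raise UnsafePath("NUL byte in filename")
    base = os.path.realpath(base_dir)
    # realpath collapses ../ and follows symlinks. An absolute filename makes
    # os.path.join drop base entirely; the containment check below catches it.
    candidate = os.path.realpath(os.path.join(base, filename))
    if os.path.commonpath([base, candidate]) != base:
        raise UnsafePath(f"{filename!r} escapes {base!r}")
    return candidate

def demo():
    """Check constructed inputs against a throwaway directory tree."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        docs = os.path.join(root, "docs")
        os.mkdir(docs)
        secret = os.path.join(root, "secret.cfg")
        for path in (os.path.join(docs, "about.md"), secret):
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
        os.symlink(secret, os.path.join(docs, "link.md"))  # symlink escape
        for name in ("about.md", "../secret.cfg", "/etc/passwd", "link.md"):
            try:
                safe_resolve(docs, name)
                results[name] = "allowed"
            except UnsafePath:
                results[name] = "rejected"
        escaped = naive_join(docs, "../secret.cfg")
        results["naive_escapes"] = os.path.dirname(escaped) != docs
    return results

if __name__ == "__main__":
    print(demo())
```

Stripping `../` from the string is not equivalent: the symlink and absolute-path cases only fail because the check runs on the resolved path.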
CVE-2024-25123 is a HIGH severity vulnerability affecting Mission Support System versions 5.0.0 through 8.3.2. It allows attackers to manipulate file paths to access sensitive information.
You are affected if you are using Mission Support System versions 5.0.0 through 8.3.2. Upgrade to version 8.3.3 to resolve the vulnerability.
Upgrade to version 8.3.3 of Mission Support System. As a temporary workaround, implement input validation on the filename parameter to prevent path traversal.
There are currently no known public exploits or active campaigns targeting CVE-2024-25123, but its ease of exploitation warrants attention.
Refer to the official Mission Support System project repository and associated security advisories for the latest information on CVE-2024-25123.