Platform
vue
Component
gin-vue-admin
Fixed in
0.0.1
CVE-2024-31457 describes a code injection vulnerability discovered in gin-vue-admin, a full-stack backstage management system built with Vue and Gin. This vulnerability allows attackers to perform directory traversal within the Plugin System -> Plugin Template feature, potentially leading to arbitrary code execution. The vulnerability affects versions of gin-vue-admin up to and including 0.0.0-20240407133540-7bc7c3051067 (2.6.1). A fix has been released in version 0.0.0-20240409100909-b1b7427c6ea6.
The impact of this vulnerability is significant. By manipulating the plugName parameter, an attacker can bypass directory traversal restrictions and create arbitrary files within the system. This allows them to inject malicious code, such as Go files, into critical directories like api, config, global, model, router, and service. The ability to create and execute arbitrary code within these directories could grant the attacker complete control over the backend system, potentially leading to data breaches, system compromise, and denial of service. The full-stack nature of gin-vue-admin means that a successful attack could impact both the backend and frontend components, expanding the potential blast radius.
This vulnerability was publicly disclosed on April 9, 2024. There is currently no indication that this vulnerability is being actively exploited in the wild, but the availability of a public description increases the risk of exploitation. The vulnerability's ease of exploitation (directory traversal) suggests a potential for opportunistic attacks. It is not currently listed on the CISA KEV catalog. Public proof-of-concept code is likely to emerge given the vulnerability's nature.
Organizations using gin-vue-admin for their backend management systems are at risk, particularly those running older, unpatched versions. Shared hosting environments where multiple users have access to the plugin management features are especially vulnerable, as a compromised plugin could affect the entire hosting instance. Any deployment relying on the default plugin template functionality without proper input validation is also at increased risk.
• linux / server:
find /opt/gin-vue-admin/plugins/ -name '*api*.go' -o -name '*config*.go' -o -name '*global*.go' -o -name '*model*.go' -o -name '*router*.go' -o -name '*service*.go' -o -name '*main.go*' 2>/dev/null
• generic web:
curl -I 'http://your-gin-vue-admin-instance/plugins/api/some..directory.go' # Check for 403 or other error indicating traversal is blocked
disclosure
patch
Exploit status
EPSS
0.33% (56th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-31457 is to immediately upgrade to version 0.0.0-20240409100909-b1b7427c6ea6 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict access to the Plugin System -> Plugin Template feature to trusted users only. Implement strict input validation on the plugName parameter, ensuring it only accepts alphanumeric characters and prevents directory traversal sequences (e.g., ../). Web application firewalls (WAFs) can be configured to block requests containing suspicious directory traversal patterns. Monitor system logs for unusual file creation activity within the plugin directories. After upgrading, confirm the fix by attempting to create a file using a directory traversal payload in the plugName parameter; the request should be rejected.
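As an added illustration of the allow-list plus path-containment check recommended above (example code, not gin-vue-admin's own fix; the base directory, the 64-character limit and the underscore allowance are assumptions made here):

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// plugNamePattern is the allow-list: alphanumeric characters only, with
// underscore permitted as a separator (an assumption for this example).
var plugNamePattern = regexp.MustCompile(`^[A-Za-z0-9_]{1,64}$`)

// ErrBadPlugName is returned when a plugin name fails the allow-list.
var ErrBadPlugName = errors.New("plugName must be 1-64 alphanumeric characters")

// ValidatePlugName applies the allow-list before the name is used to build
// any file path, so "../", "..\\" and "a..b" never reach the filesystem.
func ValidatePlugName(name string) error {
	if !plugNamePattern.MatchString(name) {
		return fmt.Errorf("%w: %q", ErrBadPlugName, name)
	}
	return nil
}

// SafePluginPath resolves name under base and confirms the cleaned result
// is still inside base: a second, path-level check that holds even if the
// allow-list is later relaxed to permit dots or slashes.
func SafePluginPath(base, name string) (string, error) {
	if err := ValidatePlugName(name); err != nil {
		return "", err
	}
	cleanBase := filepath.Clean(base)
	target := filepath.Join(cleanBase, name)
	rel, err := filepath.Rel(cleanBase, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("plugName %q escapes %s", name, cleanBase)
	}
	return target, nil
}

func main() {
	// Constructed sample inputs: one benign name and three traversal attempts.
	for _, n := range []string{"shop", "../../api/evil", "a..b", "ok_plugin"} {
		p, err := SafePluginPath("/opt/gin-vue-admin/plugins", n)
		fmt.Printf("%-18q -> path=%q err=%v\n", n, p, err)
	}
}
```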
Upgrade gin-vue-admin to version 0.0.0-20240409100909-b1b7427c6ea6 or later. Alternatively, manually implement the filtering method available in the GitHub Security Advisory to correct the directory traversal issue. This will prevent arbitrary code injection via the `plugName` parameter.
CVE-2024-31457 is a code injection vulnerability in gin-vue-admin, allowing attackers to perform directory traversal and potentially execute arbitrary code.
You are affected if you are using gin-vue-admin versions ≤ 0.0.0-20240409100909-b1b7427c6ea6.
Upgrade to version 0.0.0-20240409100909-b1b7427c6ea6 or later. Implement input validation and restrict access to the plugin management feature as temporary mitigations.
There is currently no confirmed active exploitation, but the vulnerability's nature makes it a potential target.
Refer to the gin-vue-admin project's repository or website for the official advisory and release notes.