Platform
laravel
Component
pxlrbt/filament-excel
Fixed in
2.0.1
1.1.15
CVE-2024-42485 describes a Path Traversal vulnerability within Filament Excel, a library enabling Excel export functionality for Filament admin resources. This flaw allows unauthorized users to download arbitrary files from the server if the webserver configuration permits the use of ../ in the URL. The vulnerability impacts versions 2.0.0 and above, up to, but not including, version 2.3.3. A patch addressing this issue has been released in version 2.3.3.
The core impact of CVE-2024-42485 lies in the ability for an attacker to bypass authentication and retrieve sensitive files from the server. By manipulating the /filament-excel/{path} endpoint, an attacker can craft a request that traverses directories, potentially accessing configuration files, database credentials, source code, or other confidential data. The blast radius extends to any file accessible by the webserver process, and the lack of authentication makes exploitation trivial. This vulnerability shares similarities with other path traversal exploits where improper input validation allows attackers to access restricted resources.
CVE-2024-42485 was publicly disclosed on August 12, 2024. There is currently no listing on KEV, and the EPSS score is pending evaluation. While no public proof-of-concept (PoC) has been widely publicized, the simplicity of path traversal vulnerabilities suggests that a PoC could be developed relatively easily. Active exploitation campaigns are not currently confirmed.
Applications built with Laravel and utilizing the Filament admin panel, particularly those relying on Filament Excel for exporting data to Excel format, are at risk. Shared hosting environments where users have limited control over server configuration are particularly vulnerable, as they may be unable to implement WAF rules or modify webserver settings.
• laravel: Examine Laravel application logs for requests containing ../ in the /filament-excel/{path} route.
  grep "/filament-excel/\.\.\/" /var/log/laravel.log
• generic web: Monitor web server access logs for requests to /filament-excel/{path} containing directory traversal sequences.
  grep '/filament-excel/\.\.\/' /var/log/apache2/access.log
• generic web: Check response headers for unexpected file content types when accessing /filament-excel/{path} with crafted paths.
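The grep checks above miss URL-encoded traversal sequences (for example %2e%2e%2f), so the following added example, not part of this advisory or the Filament Excel project, scans access-log lines for the /filament-excel/{path} route and flags any request whose decoded path contains a .. segment. The log lines and the prefix constant are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in combined log format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [12/Aug/2024:10:01:02 +0000] "GET /filament-excel/export-2024.xlsx HTTP/1.1" 200 5120
10.0.0.9 - - [12/Aug/2024:10:03:14 +0000] "GET /filament-excel/../../.env HTTP/1.1" 200 842
10.0.0.9 - - [12/Aug/2024:10:03:20 +0000] "GET /filament-excel/%2e%2e%2f%2e%2e%2fconfig/app.php HTTP/1.1" 200 1200
10.0.0.7 - - [12/Aug/2024:10:05:00 +0000] "GET /admin/users HTTP/1.1" 200 3000
"""

# Extracts method, request path and status code from a combined-format line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Route prefix of the vulnerable export endpoint (assumed default mount point).
EXPORT_PREFIX = "/filament-excel/"


def is_traversal(raw_path: str) -> bool:
    """Return True when the request targets the export route with a '..' segment."""
    path = raw_path.split("?", 1)[0]
    # Decode twice so both single- and double-encoded sequences are normalised.
    decoded = unquote(unquote(path))
    if not decoded.startswith(EXPORT_PREFIX):
        return False
    remainder = decoded[len(EXPORT_PREFIX):].replace("\\", "/")
    return ".." in remainder.split("/")


def find_suspicious(log_text: str) -> list:
    """Return (path, status) for every log line that looks like a traversal attempt."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if m and is_traversal(m.group("path")):
            hits.append((m.group("path"), m.group("status")))
    return hits


if __name__ == "__main__":
    for path, status in find_suspicious(SAMPLE_LOG):
        print(f"suspicious request: {path} -> HTTP {status}")
```

A 200 status on a flagged request is the strongest signal that a file was actually served and warrants checking which file the decoded path resolves to.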
disclosure
Exploit status
EPSS
0.74% (73rd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-42485 is to upgrade Filament Excel to version 2.3.3 or later. If upgrading immediately is not feasible, consider implementing a Web Application Firewall (WAF) rule to block requests containing ../ in the path parameter of the /filament-excel/{path} endpoint. Additionally, review your webserver configuration to ensure that directory traversal is disabled. As a temporary workaround, restrict access to the /filament-excel/{path} endpoint to authenticated users only. After upgrading, confirm the fix by attempting to access a non-existent file via the export route and verifying that access is denied.
Update the `pxlrbt/filament-excel` package to version 2.3.3 or later. This can be done via Composer by running `composer update pxlrbt/filament-excel`. Be sure to clear the application cache after the update.
CVE-2024-42485 is a Path Traversal vulnerability in Filament Excel, allowing attackers to download arbitrary files without authentication.
You are affected if you are using Filament Excel versions 2.0.0 through 2.3.2 and your webserver allows ../ in URLs.
Upgrade to Filament Excel version 2.3.3 or later. As a temporary workaround, implement a WAF rule to block requests with ../ in the path.
There is currently no indication of active exploitation campaigns targeting this vulnerability.
Refer to the Filament security advisory for detailed information and updates: https://filamentphp.com/docs/security