Platform
php
Component
phpoffice/phpspreadsheet
Fixed in
1.29.3
2.0.1
2.2.1
2.3.0
CVE-2024-45290 describes a Path Traversal vulnerability discovered in phpoffice/phpspreadsheet. This flaw allows attackers to potentially leak sensitive information by crafting malicious XLSX files that exploit how PhpSpreadsheet handles external URLs within images. The vulnerability impacts versions of PhpSpreadsheet up to and including 2.2.2, and a fix is available in version 2.3.0.
An attacker can leverage this vulnerability to read arbitrary files on the server hosting the PhpSpreadsheet application. By crafting a malicious XLSX file containing a specially crafted URL using the php://filter protocol, the attacker can trick PhpSpreadsheet into retrieving and potentially exposing the contents of any file accessible to the web server. This could include sensitive configuration files, database credentials, or even source code. The blast radius extends to any system processing these malicious XLSX files, potentially leading to widespread data breaches and system compromise. This differs from a previously disclosed vulnerability (GHSA-w9xv-qf98-ccq4) and resides in a different component.
This vulnerability was publicly disclosed on 2024-10-07. No known public exploits or active campaigns have been reported at the time of writing. The vulnerability is not currently listed on CISA KEV. The CVSS score of 7.7 indicates a High severity rating, suggesting a reasonable likelihood of exploitation if left unaddressed.
Applications utilizing PhpSpreadsheet versions 2.2.2 or earlier are at risk. This includes web applications, data processing scripts, and any system that processes XLSX files using this library. Shared hosting environments where users can upload files are particularly vulnerable, as malicious XLSX files could be uploaded and processed by other users' applications.
• php: Check for PhpSpreadsheet versions ≤2.2.2 using `php -m | grep phpspreadsheet`.
• web server: Monitor access logs for requests containing `php://filter` and unusual file paths. Look for patterns like `php://filter/convert.resource://...`.
• generic web: Use curl to test for file exposure by crafting a malicious XLSX file and attempting to open it through the application. Analyze the response for unexpected file content.
Disclosure
Exploit status
EPSS
0.30% (54th percentile)
CISA SSVC
CVSS vector
The primary mitigation is to upgrade to PhpSpreadsheet version 2.3.0 or later, which contains the fix for this vulnerability. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict the ability of PhpSpreadsheet to access external URLs by configuring your web server to block requests to php://filter. Implement strict input validation on all XLSX files processed by PhpSpreadsheet, rejecting files with suspicious URL patterns. Monitor web server access logs for requests containing php://filter and unusual file paths.
Update the PhpSpreadsheet library to version 1.29.2, 2.1.1 or 2.3.0, or a later version. This fixes the path traversal and server-side request forgery vulnerability when opening XLSX files. You can update the library with Composer by running `composer update phpoffice/phpspreadsheet`.
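The input-validation workaround above (reject XLSX files with suspicious URL patterns before PhpSpreadsheet opens them) can be implemented as a pre-screen on the upload, shown here as an added example that is not from the page or the PhpSpreadsheet project. An XLSX is a ZIP container, and the target of every image or hyperlink is recorded in a `*.rels` relationship part, so the check parses each such part and rejects any relationship whose target uses a scheme other than http(s), such as the `php://` wrapper the page describes. The allow-list policy, the relationship-part layout of the sample and the `/path/on/the/server` placeholder are assumptions constructed for the example; the sample ZIP is built in memory and is not a complete workbook.

```python
"""Pre-screen an XLSX upload for relationship targets that should never reach
PhpSpreadsheet (php://, file://, non-URL external targets).

Added example, not code from the page or the PhpSpreadsheet project. Policy and
sample container are constructed assumptions: only http(s) external targets are
allowed; extend ALLOWED_SCHEMES (e.g. with "mailto") if hyperlinks need it.
"""
import io
import re
import zipfile
import xml.etree.ElementTree as ET

RELS_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OFFICE_DOC_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument"
IMAGE_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/image"
ALLOWED_SCHEMES = {"http", "https"}
SCHEME_RE = re.compile(r"^([a-zA-Z][a-zA-Z0-9+.-]*):")


def classify_target(target, mode):
    """Return None if a relationship target is acceptable, else a reason string."""
    m = SCHEME_RE.match(target)
    if mode != "External":
        # Internal targets are package paths (relative or /-rooted inside the
        # ZIP); a scheme prefix there is off-policy even if the library ignores it.
        return f"scheme {m.group(1).lower()}: in an internal relationship" if m else None
    if m:
        scheme = m.group(1).lower()
        return None if scheme in ALLOWED_SCHEMES else f"disallowed scheme {scheme}://"
    return "external target is not an http(s) URL"


def scan_xlsx(data):
    """Return (part, rel_id, target, reason) findings for a .xlsx byte string.

    An empty list means no relationship violated the policy."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            root = ET.fromstring(zf.read(name))
            for rel in root.iter(f"{{{RELS_NS}}}Relationship"):
                target = rel.get("Target", "")
                mode = rel.get("TargetMode", "Internal")
                reason = classify_target(target, mode)
                if reason:
                    findings.append((name, rel.get("Id"), target, reason))
    return findings


def build_sample_xlsx(image_target, mode=None):
    """Construct a minimal ZIP containing only the parts the check inspects
    (a constructed sample, not a workbook Excel would open)."""
    mode_attr = f' TargetMode="{mode}"' if mode else ""
    drawing_rels = (
        f'<Relationships xmlns="{RELS_NS}">'
        f'<Relationship Id="rId1" Type="{IMAGE_REL}" Target="{image_target}"{mode_attr}/>'
        f'</Relationships>'
    )
    root_rels = (
        f'<Relationships xmlns="{RELS_NS}">'
        f'<Relationship Id="rId1" Type="{OFFICE_DOC_REL}" Target="xl/workbook.xml"/>'
        f'</Relationships>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("_rels/.rels", root_rels)
        zf.writestr("xl/drawings/_rels/drawing1.xml.rels", drawing_rels)
    return buf.getvalue()


# Placeholder path; the real value would be whatever the attacker wants read.
SUSPICIOUS_TARGET = "php://filter/resource=/path/on/the/server"

if __name__ == "__main__":
    samples = [
        ("../media/image1.png", None),             # embedded image: accepted
        ("https://example.com/logo.png", "External"),  # http(s) link: accepted
        (SUSPICIOUS_TARGET, "External"),           # php:// wrapper: rejected
    ]
    for target, mode in samples:
        print(target, "->", scan_xlsx(build_sample_xlsx(target, mode)) or "ok")
```

Run `scan_xlsx` on the uploaded bytes and refuse the file when the list is non-empty; because the scan never opens the workbook with PhpSpreadsheet, it adds no new code path that could itself dereference the target. It is a stop-gap only, and the upgrade remains the fix.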
CVE-2024-45290 is a Path Traversal vulnerability in PhpSpreadsheet versions up to 2.2.2, allowing attackers to potentially leak file contents via malicious XLSX files.
You are affected if you are using PhpSpreadsheet versions 2.2.2 or earlier. Upgrade to 2.3.0 or later to mitigate the risk.
Upgrade to PhpSpreadsheet version 2.3.0 or later. As a temporary workaround, restrict access to php://filter URLs or implement strict input validation.
No active exploitation has been reported at this time, but the High severity rating indicates a potential risk.
Refer to the official advisory on the PhpSpreadsheet GitHub repository: https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-w9xv-qf98-ccq4