Platform: python
Component: pwndoc
Fixed in: 1.0.1
CVE-2024-55602 describes a Path Traversal vulnerability discovered in PwnDoc, a penetration test report generator. This vulnerability allows an authenticated user to read arbitrary files on the system by injecting path traversal sequences into the file extension property when updating or downloading templates. The vulnerability affects versions of PwnDoc prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, and a patch has been released in that commit.
Successful exploitation of this Path Traversal vulnerability allows an attacker to bypass intended access controls and read sensitive files from the server's file system. This could include configuration files, source code, database credentials, or other confidential data. The attacker's ability to read arbitrary files depends on the permissions of the user account running the PwnDoc application. While the vulnerability requires authentication, a compromised account could grant significant access to the underlying system. The potential blast radius extends to any data accessible by the PwnDoc process, potentially exposing sensitive information about the target environment and penetration testing activities.
This vulnerability was publicly disclosed on December 10, 2024. There is no indication of active exploitation campaigns at this time. No public proof-of-concept exploits have been released. The vulnerability is not currently listed on the CISA KEV catalog. Given the relatively recent disclosure and lack of public exploits, the probability of exploitation is currently considered low.
Organizations using PwnDoc for penetration testing and report generation are at risk, particularly those with less stringent access controls. Shared hosting environments where multiple users have access to PwnDoc templates are especially vulnerable, as a compromised user account could be used to exploit this vulnerability.
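• python: Monitor PwnDoc logs for unusual file access attempts, especially those involving ../ sequences. Use Python's os.path.abspath() function to normalize file paths before processing them, and reject any result that falls outside the allowed base directory.

    import os

    base_directory = os.path.abspath("templates")  # sample value: directory files must stay inside
    user_supplied_path = "../../etc/passwd"        # sample value: untrusted input
    filepath = os.path.abspath(os.path.join(base_directory, user_supplied_path))
    # Compare whole path components; a plain startswith() would also accept "templates_old"
    if os.path.commonpath([base_directory, filepath]) != base_directory:
        # Reject the path
        print("Invalid path")

• generic web: Examine web server access logs for requests containing path traversal patterns (e.g., ../../).
• generic web: Check for unusual file extensions being uploaded or accessed through PwnDoc's interface.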
EPSS: 0.46% (64th percentile)
The primary mitigation for CVE-2024-55602 is to upgrade PwnDoc to a version that includes commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, which contains the fix. If an immediate upgrade is not feasible, consider restricting access to template update and download functionality to trusted users only. Implement strict input validation on file extension properties to prevent the injection of path traversal sequences. Review and harden the permissions of the user account running the PwnDoc application to limit the potential impact of a successful exploit. After upgrading, confirm the fix by attempting to upload a template with a path traversal sequence in the file extension and verifying that the attempt is rejected.
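The extension validation recommended above, sketched as an added example; this is not PwnDoc's code or its patch. The template directory, the `<name>.<ext>` file layout and all function names are assumptions made for illustration.

```python
import os
import re

# Assumption: templates live in one directory and are stored as "<name>.<ext>".
TEMPLATE_DIR = os.path.realpath("/srv/app/report-templates")  # hypothetical path
EXT_RE = re.compile(r"[A-Za-z0-9]{1,10}")  # short, alphanumeric extensions only


def naive_template_path(name, ext):
    """'Before' form: the extension is trusted and concatenated as-is."""
    return os.path.normpath(os.path.join(TEMPLATE_DIR, f"{name}.{ext}"))


def safe_template_path(name, ext):
    """Validate name and extension, then confirm the path stays in TEMPLATE_DIR."""
    if not isinstance(ext, str) or not EXT_RE.fullmatch(ext):
        raise ValueError("invalid template extension")
    if not isinstance(name, str) or not name or os.path.basename(name) != name:
        raise ValueError("invalid template name")
    # realpath also resolves symlinks, so a link inside the directory cannot
    # point the final path somewhere else.
    candidate = os.path.realpath(os.path.join(TEMPLATE_DIR, f"{name}.{ext}"))
    # Component-wise comparison; startswith() would accept a sibling directory.
    if os.path.commonpath([TEMPLATE_DIR, candidate]) != TEMPLATE_DIR:
        raise ValueError("path escapes template directory")
    return candidate


def check(name, ext):
    """Return (accepted, detail) for one input, for logging or tests."""
    try:
        return True, safe_template_path(name, ext)
    except ValueError as exc:
        return False, str(exc)


# Constructed sample inputs (not taken from the advisory).
SAMPLES = [("report", "docx"), ("report", "docx/../../outside.txt"), ("report", "")]

if __name__ == "__main__":
    for name, ext in SAMPLES:
        print(repr(ext), "| naive:", naive_template_path(name, ext),
              "| safe:", check(name, ext))
```

The allowlist rejects the extension before any path is built, and the containment check remains as a second layer in case the allowlist is later loosened.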
Update PwnDoc to a version later than commit 1d4219c596f4f518798492e48386a20c6e9a2fe6. This fixes the path traversal vulnerability when updating and downloading templates. The update can be performed through the Python package manager or by downloading the latest version from the repository.
CVE-2024-55602 is a Path Traversal vulnerability in PwnDoc versions before commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, allowing authenticated users to read arbitrary files.
You are affected if you are using PwnDoc versions prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6. Check your version and upgrade immediately.
Upgrade PwnDoc to a version that includes commit 1d4219c596f4f518798492e48386a20c6e9a2fe6. Restrict template access and validate file extensions as a temporary workaround.
While no widespread exploitation has been confirmed, the vulnerability's ease of exploitation suggests it could become a target.
Refer to the PwnDoc project repository and associated security advisories for the latest information.