Plattform
other
Komponente
mirage
Behoben in
1.0.21
CVE-2024-7743 is a critical server-side request forgery (SSRF) vulnerability discovered in ltcms version 1.0.20. This flaw allows attackers to manipulate internal resources and potentially gain unauthorized access through the /api/file/downloadUrl endpoint. The vulnerability impacts ltcms versions 1.0.20–1.0.20 and has been addressed in version 1.0.21. Public exploitation details are available.
The SSRF vulnerability in ltcms allows an attacker to craft malicious requests through the /api/file/downloadUrl endpoint, leveraging the 'file' parameter. By manipulating this parameter, an attacker can trick the server into making requests to internal resources or external systems that it shouldn't normally access. This could lead to exposure of sensitive internal data, unauthorized access to internal services, or even potential for remote code execution if the server interacts with vulnerable internal components. The potential blast radius extends to any internal resources accessible by the ltcms server, making this a significant security risk.
This vulnerability has been publicly disclosed, and a proof-of-concept may be available. The vendor was contacted but did not respond. The exploit's public availability increases the risk of exploitation. It is not currently listed on CISA KEV as of this writing, but its public nature warrants close monitoring. The CVSS score of 7.3 (HIGH) reflects the potential impact and ease of exploitation.
Organizations deploying ltcms version 1.0.20 are at immediate risk. Shared hosting environments where ltcms is installed alongside other applications are particularly vulnerable, as a successful exploit could potentially compromise other systems on the same host. Legacy configurations with default settings and limited security controls are also at higher risk.
disclosure
Exploit-Status
EPSS
0.20% (42% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2024-7743 is to upgrade ltcms to version 1.0.21 or later, which includes the fix for this SSRF vulnerability. If upgrading immediately is not feasible, consider implementing temporary workarounds such as restricting outbound network access from the ltcms server to only necessary destinations. Implementing a Web Application Firewall (WAF) with rules to filter requests containing suspicious URLs or patterns in the 'file' parameter can also provide an additional layer of defense. Monitor the /api/file/downloadUrl endpoint for unusual activity and implement strict input validation to prevent malicious file paths. After upgrade, confirm by attempting to access the /api/file/downloadUrl endpoint with a known malicious file path and verifying that the request is blocked or handled safely.
Actualizar a una versión parcheada si está disponible. De lo contrario, implementar validación y saneamiento robustos en la entrada 'file' del endpoint /api/file/downloadUrl para prevenir la manipulación de la URL y evitar solicitudes a servidores no autorizados. Considerar la implementación de una lista blanca de dominios permitidos para las solicitudes.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2024-7743 is a critical SSRF vulnerability in ltcms versions 1.0.20–1.0.20, allowing attackers to trigger server-side request forgery via the /api/file/downloadUrl endpoint.
If you are running ltcms version 1.0.20, you are affected by this vulnerability and should upgrade immediately.
Upgrade ltcms to version 1.0.21 or later to resolve the SSRF vulnerability. Consider temporary workarounds like WAF rules and restricting outbound network access if immediate upgrade is not possible.
The vulnerability has been publicly disclosed, and a proof-of-concept may be available, increasing the risk of exploitation.
Due to the vendor's lack of response, a formal advisory may not be available. Monitor security news sources and vulnerability databases for updates.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.