CVE-2024-8941 describes a path traversal vulnerability discovered in Scriptcase versions 9.4.019–9.4.019. This flaw allows unauthenticated remote attackers to bypass security restrictions and access files outside the intended directory. The vulnerability resides in the /scriptcase/devel/compat/nm_edit_php_edit.php file, specifically within the 'subpage' parameter. A patch is available to address this issue.
The path traversal vulnerability in Scriptcase enables an attacker to bypass intended security restrictions and access files outside of the intended directory. By manipulating the 'subpage' parameter in a POST request, an attacker can craft a malicious payload containing path traversal sequences like '../' to navigate the file system. This could lead to the disclosure of sensitive configuration files, source code, or other critical data stored on the server. Successful exploitation could also allow an attacker to modify or even execute arbitrary code, depending on the permissions of the web server user. The impact is amplified if the Scriptcase installation handles sensitive data or is integrated with other critical systems.
CVE-2024-8941 was publicly disclosed on September 24, 2024. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available at this time, but the path traversal nature of the vulnerability makes it likely that exploits will emerge. Given the ease of exploitation inherent in path traversal vulnerabilities, active exploitation is possible.
Organizations utilizing Scriptcase versions 9.4.019–9.4.019, particularly those with publicly accessible Scriptcase instances or those lacking robust input validation mechanisms, are at significant risk. Shared hosting environments where multiple users share the same Scriptcase installation are also particularly vulnerable.
• php / web:
  curl -I 'http://your-scriptcase-server/scriptcase/devel/compat/nm_edit_php_edit.php?subpage=../../../../etc/passwd' | grep 'HTTP/1.1'
• generic web:
  grep -r 'nm_edit_php_edit.php' /var/log/apache2/access.log
Exploit status
EPSS: 0.09% (26th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-8941 is to upgrade Scriptcase to a patched version. The vendor has not released a specific fixed version in the provided data; consult the official Scriptcase advisory for the latest available patch. As a temporary workaround, implement strict input validation on the ‘subpage’ parameter to prevent path traversal attempts. Web Application Firewalls (WAFs) can be configured with rules to block requests containing suspicious path traversal sequences. Regularly review Scriptcase configuration and access controls to minimize the potential impact of this vulnerability.
Update Scriptcase to a version later than 9.4.019 to fix the path traversal vulnerability. Consult the vendor's website for the latest version and the upgrade instructions. Apply security updates as soon as they become available.
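One way to implement the strict validation the workaround above calls for, as an added example that is not Scriptcase's own code: the parameter is percent-decoded repeatedly, rejected if it carries traversal markers, and the resolved path is checked for containment under a base directory (the base directory and function name are assumptions for illustration).

```python
import os
import urllib.parse
from typing import Optional

# Substrings that never belong in a page name: parent-directory
# references and NUL bytes (which truncate paths in C-backed runtimes).
TRAVERSAL_MARKERS = ("..", "\x00")


def safe_subpage_path(base_dir: str, subpage: str) -> Optional[str]:
    """Return the absolute path for `subpage` inside `base_dir`, or None
    when the value would escape that directory.

    Decoding is repeated (bounded) so that double-encoded sequences such
    as %252e%252e%252f are normalised before the checks run.
    """
    decoded = subpage
    for _ in range(3):
        nxt = urllib.parse.unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt

    # Lexical checks: empty values, traversal markers, absolute paths and
    # backslashes (rejected conservatively; PHP on Windows treats them as
    # separators) are all refused before touching the filesystem.
    if not decoded or any(m in decoded for m in TRAVERSAL_MARKERS):
        return None
    if decoded.startswith(("/", "\\")) or "\\" in decoded:
        return None

    # Containment check: realpath follows symlinks, so a link inside the
    # base that points outside it is caught here even though the string
    # checks above passed. commonpath equals base only for paths under it.
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, decoded))
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate
```

A request for the assumed-legitimate value "devel/compat/page.php" resolves to a path under the base directory, while "../../../../etc/passwd", its percent-encoded and double-encoded forms, and an absolute "/etc/passwd" are all refused.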
CVE-2024-8941 is a Path Traversal vulnerability affecting Scriptcase versions 9.4.019–9.4.019, allowing attackers to access files outside the intended directory.
If you are running Scriptcase version 9.4.019–9.4.019, you are potentially affected by this vulnerability. Check the official Scriptcase advisory for confirmation.
Upgrade Scriptcase to a patched version as soon as it becomes available. Consult the official Scriptcase advisory for the latest patch.
There is currently no confirmed active exploitation, but the vulnerability's nature suggests potential for exploitation.
Refer to the official Scriptcase security advisories on their website or through their security mailing list.