Platform
python
Component
opencti
Fixed in
3.3.2
CVE-2020-37041 is a path traversal vulnerability discovered in OpenCTI version 3.3.1. The flaw allows an unauthenticated attacker to read sensitive files from the server's filesystem by sending crafted GET requests containing path traversal sequences to the /static/css endpoint. A patch is available to resolve this issue.
The primary impact of CVE-2020-37041 is the potential for unauthorized access to sensitive data stored on the server. An attacker could leverage this vulnerability to read configuration files, source code, or even system files like /etc/passwd (as demonstrated in the vulnerability description). Successful exploitation could lead to information disclosure, potentially compromising the confidentiality of the OpenCTI environment and the data it manages. While the vulnerability requires no authentication, the attacker needs to be able to reach the OpenCTI server over a network.
CVE-2020-37041 was publicly disclosed on 2026-01-30. The vulnerability was discovered by Raif Berkay Dincel and confirmed on both Linux Mint and Windows 10, indicating broad applicability. No public exploits or active campaigns have been reported at the time of this writing, but the ease of exploitation makes it a potential target. The vulnerability is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.34% (56th percentile)
The recommended mitigation for CVE-2020-37041 is to upgrade OpenCTI to a release containing the fix. Since a specific fixed version isn't named here, consult the OpenCTI security advisories for the latest patched release. As a temporary workaround, consider a Web Application Firewall (WAF) rule that blocks requests to the /static/css endpoint containing path traversal sequences (e.g., '../'). Additionally, restrict access to the OpenCTI server to authorized networks and users.
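The WAF workaround above only helps if the rule also catches percent-encoded traversal sequences, so a detector should normalise the path before deciding. The following added example (not OpenCTI project code) flags /static/css requests in access-log lines whose decoded, normalised path escapes that directory; the log format and sample lines are constructed for illustration.

```python
"""Detect CVE-2020-37041-style traversal attempts against /static/css.
Added example, not OpenCTI code; log format and samples are constructed."""
import posixpath
import re
from urllib.parse import unquote, urlsplit

STATIC_CSS = "/static/css"
# Combined-log-style request field: "METHOD target HTTP/x.y" (constructed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def decoded_path(target: str) -> str:
    """Return the request path with (possibly double) percent-encoding removed."""
    path = urlsplit(target).path
    for _ in range(2):                      # undo double-encoding such as %252e
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")          # treat backslashes as separators


def is_traversal(target: str) -> bool:
    """True if a /static/css request resolves outside the static CSS directory."""
    path = decoded_path(target)
    if not path.startswith(STATIC_CSS + "/"):
        return False
    # normpath collapses '..' segments; if the result no longer sits under
    # /static/css the request walked out of the directory.
    normalized = posixpath.normpath(path)
    return not normalized.startswith(STATIC_CSS + "/")


def scan_log(lines):
    """Return request targets from log lines that look like traversal attempts."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and is_traversal(m.group("target")):
            hits.append(m.group("target"))
    return hits


# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [30/Jan/2026:10:00:00 +0000] "GET /static/css/main.css HTTP/1.1" 200 512',
    '10.0.0.9 - - [30/Jan/2026:10:00:01 +0000] "GET /static/css/../../etc/passwd HTTP/1.1" 200 1832',
    '10.0.0.9 - - [30/Jan/2026:10:00:02 +0000] "GET /static/css/..%2f..%2fetc%2fpasswd HTTP/1.1" 200 1832',
    '10.0.0.7 - - [30/Jan/2026:10:00:03 +0000] "GET /static/css/theme/../dark.css HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for target in scan_log(SAMPLE_LOG):
        print("traversal attempt:", target)
```

A request whose '..' segments stay inside /static/css (the fourth sample line) is legitimate and is not flagged, which keeps the rule from breaking normal stylesheet loads.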
Update OpenCTI to a version later than 3.3.1 that fixes the path traversal vulnerability. Consult the vendor's website for the latest version and upgrade instructions.
CVE-2020-37041 is a vulnerability allowing unauthenticated attackers to read arbitrary files on an OpenCTI server running version 3.3.1 via the /static/css endpoint.
If you are running OpenCTI version 3.3.1, you are potentially affected by this vulnerability. Check your OpenCTI deployment immediately.
Upgrade OpenCTI to a patched version. Consult the official OpenCTI security advisories for the latest recommended version.
While no active exploitation campaigns have been publicly reported, the ease of exploitation makes it a potential target. Proactive mitigation is recommended.
Refer to the OpenCTI security advisories on their official website or GitHub repository for the latest information and updates regarding this vulnerability.