Platform: php
Component: grav
Fixed in: 1.7.47
CVE-2024-34082 describes an Arbitrary File Access vulnerability in Grav CMS, a file-based web platform. The flaw allows low-privilege user accounts that hold page edit privileges to read any file on the server through Twig syntax injection. Exploitation can lead to the compromise of user accounts and the exposure of sensitive data; Grav CMS versions prior to 1.7.46 are affected, and a patch is available in version 1.7.46.
The primary impact of CVE-2024-34082 is the potential for unauthorized access to sensitive server files. Attackers can leverage this vulnerability to read Grav user account files, specifically /grav/user/accounts/*.yaml. These files contain hashed user passwords, two-factor authentication (2FA) secrets, and password reset tokens. Successful exploitation allows an adversary to compromise any registered account, potentially gaining full control over the CMS and its associated data. This could lead to data breaches, website defacement, and further malicious activity. The ability to read arbitrary files extends the attack surface, potentially exposing configuration files, database credentials, or other sensitive information stored on the server.
CVE-2024-34082 was publicly disclosed on May 15, 2024. There is currently no indication of active exploitation in the wild, nor is it listed on the CISA KEV catalog. Public proof-of-concept (PoC) code is not widely available, but the vulnerability's nature suggests that PoCs could be developed relatively easily. The vulnerability's impact on user accounts makes it a potentially attractive target for malicious actors.
Exploit Status
EPSS: 0.21% (44th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-34082 is to immediately upgrade Grav CMS to version 1.7.46 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. While not a complete solution, restricting file access permissions on the /grav/user/accounts/ directory can limit the scope of potential data exposure. Review and harden Twig template configurations to prevent syntax injection. Monitor Grav CMS logs for suspicious activity, particularly attempts to access files outside of expected directories. After upgrading, confirm the fix by attempting to access the /grav/user/accounts/*.yaml files with a low-privilege user account; access should be denied.
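The two checks the mitigation steps call for, the version gate and the permission review of the account files, as an added audit helper that is not part of the advisory or of Grav. It assumes Grav declares its version as `define('GRAV_VERSION', '...')` in `system/defines.php` (an assumption, not stated on this page) and that account files live under `user/accounts/*.yaml` as the advisory says.

```python
# Added audit helper for CVE-2024-34082 (Grav CMS arbitrary file read); not from the
# advisory or from Grav. Assumptions: Grav declares define('GRAV_VERSION', '...')
# in system/defines.php, and account files live under user/accounts/*.yaml.
import re
import stat
from pathlib import Path

FIXED_VERSION = "1.7.46"  # first fixed release per the advisory text
VERSION_RE = re.compile(r"define\(\s*'GRAV_VERSION'\s*,\s*'([^']+)'\s*\)")

def parse_version(text):
    """(major, minor, patch, rel) from '1.7.45' or '1.7.46-rc.2'; pre-releases sort older."""
    core, _, suffix = text.partition("-")
    parts = [int(p) for p in core.split(".")[:3]]
    parts += [0] * (3 - len(parts))
    return tuple(parts) + ((-1,) if suffix else (0,))

def is_vulnerable(version):
    """True when the installed version predates the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSION)

def version_from_defines(defines_php):
    """Extract GRAV_VERSION from the text of system/defines.php (assumed layout)."""
    m = VERSION_RE.search(defines_php)
    if not m:
        raise ValueError("GRAV_VERSION not found")
    return m.group(1)

def insecure_mode(mode):
    """True if the mode grants read access to group or others. Tightening these bits
    is the advisory's interim workaround; it limits other host users, not the PHP
    process Grav itself runs under."""
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))

def audit_accounts_dir(accounts_dir):
    """List account YAML files readable beyond their owner."""
    return [str(p) for p in Path(accounts_dir).glob("*.yaml")
            if insecure_mode(p.stat().st_mode)]

def audit(grav_root):
    """Run both checks against a Grav install directory and return a summary."""
    root = Path(grav_root)
    version = version_from_defines((root / "system" / "defines.php").read_text())
    return {"version": version, "vulnerable": is_vulnerable(version),
            "exposed_account_files": audit_accounts_dir(root / "user" / "accounts")}

if __name__ == "__main__":
    import sys
    print(audit(sys.argv[1] if len(sys.argv) > 1 else "."))
```

Run it with the Grav root as the argument; a `vulnerable: True` result or a non-empty `exposed_account_files` list means the upgrade or the interim permission tightening is still outstanding.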
Update Grav to version 1.7.46 or later. This version contains a fix for the arbitrary file read vulnerability. The update can be performed through the Grav admin panel or from the command line.
CVE-2024-34082 is a HIGH severity vulnerability allowing low-privilege users to read server files in Grav CMS versions before 1.7.46, potentially exposing user account data and other sensitive information.
Yes, if you are running Grav CMS version 1.7.46 or earlier, you are vulnerable to this Arbitrary File Access vulnerability.
Upgrade Grav CMS to version 1.7.46 or later to address this vulnerability. Consider temporary workarounds like restricting file access permissions if immediate upgrade is not possible.
There is currently no confirmed evidence of active exploitation in the wild, but the vulnerability's nature makes it a potential target.
Refer to the Grav CMS security advisory for detailed information and updates: [https://grav.0x.ninja/security/advisories/CVE-2024-34082](https://grav.0x.ninja/security/advisories/CVE-2024-34082)