Platform: java
Component: com.reposilite:reposilite-backend
Fixed in: 3.3.1, 3.5.12
CVE-2024-36116 is a path traversal vulnerability in Reposilite Backend, specifically in the handling of Javadoc archives. It lets an attacker write arbitrary files on the server, which can lead to code execution and full compromise of the host. Reposilite Backend versions 3.5.10 and earlier are affected; the fix shipped in version 3.5.12.
The primary impact of CVE-2024-36116 is arbitrary file write on the Reposilite server. Reposilite serves Javadoc by expanding a deployed `-javadoc.jar` into a directory, and the controller in JavadocEndpoints.kt did not check that the entries it wrote stayed under that directory. The hostile path therefore rides in the archive's entry names (the classic zip-slip shape, entries such as `../../...`), not in the HTTP request: once the crafted archive is on the server and expanded, its contents land wherever the entry names point. An attacker who can drop a web shell or overwrite a file the service later executes gains remote code execution, and from there control of the server, data exfiltration and lateral movement within the network. The blast radius covers everything Reposilite stores or processes, including repository metadata and the artifacts themselves.
CVE-2024-36116 was publicly disclosed on August 2, 2024. Currently there are no known public exploits or active campaigns targeting it, and its inclusion in the NVD is pending. The EPSS score recorded for this entry is 27.70% (96th percentile). The flaw itself is straightforward, but exploitation first requires getting a crafted Javadoc archive onto the instance, which narrows the initial attack surface.
Exploit Status
EPSS: 27.70% (96th percentile)
The primary mitigation for CVE-2024-36116 is to upgrade Reposilite Backend to version 3.5.12 or later, which fixes the path traversal when expanding Javadoc archives and so prevents the local file overwrites and the resulting remote code execution. If an immediate upgrade is not possible, reduce who can get archives onto the instance: restrict deploy and upload permissions to trusted accounts, and treat proxied upstream repositories as untrusted input. A Web Application Firewall can still block suspicious request paths and extensions, but note the caveat above: the traversal lives in the archive's entry names, so URL-based WAF rules are unlikely to stop this particular flaw. Monitor Reposilite logs for unusual upload activity and unauthorized access attempts. After upgrading, verify the fix on a non-production instance by deploying a Javadoc archive that contains an entry with a `../` segment, then confirm that the expansion is refused and that nothing was written outside the Javadoc directory.
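The following is an added example, not Reposilite's own Kotlin code or anything from the advisory. It models the zip-slip pattern behind this CVE in Python so that both halves of the page can be seen end to end: it builds a constructed Javadoc-style jar whose entry names contain `../`, shows how an extractor that trusts entry names writes outside its target directory, and shows the check a hardened extractor (or a pre-deploy scan, as the verification step above suggests) applies to refuse it. All paths, entry names and contents are constructed test data, and the extraction is done by hand because Python's own `ZipFile.extractall` already strips traversal segments and would mask the vulnerable behaviour. The path check assumes POSIX paths.

```python
"""Zip-slip check for Javadoc archives: find and block entries that escape the extraction directory.

Added example (not Reposilite code). Demonstrates the vulnerable pattern beside the hardened one.
"""
import io
import os
import tempfile
import zipfile


def build_jar(entries):
    """Build an in-memory jar from {entry_name: bytes}. Constructed test data, not a real artifact.

    ZipFile.writestr does not sanitise names, so '../' entries are stored verbatim,
    exactly as a hand-crafted hostile archive would carry them.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def resolves_inside(target_dir, entry_name):
    """True if entry_name, joined to target_dir and normalised, stays under target_dir.

    os.path.join discards target_dir when entry_name is absolute, and normpath
    collapses '..' segments, so '/etc/x' and '../../x' both resolve outside.
    commonpath compares whole path components, so '/srv/a' vs '/srv/ab' is not
    mistaken for a prefix match. Assumes POSIX paths.
    """
    target = os.path.normpath(os.path.abspath(target_dir))
    candidate = os.path.normpath(os.path.join(target, entry_name))
    return os.path.commonpath([target, candidate]) == target


def traversal_entries(jar_bytes, target_dir):
    """Names of every entry that would land outside target_dir; usable as a pre-deploy scan."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        return [i.filename for i in zf.infolist() if not resolves_inside(target_dir, i.filename)]


def extract_unchecked(jar_bytes, target_dir):
    """The vulnerable pattern: trust entry names and write wherever they point."""
    written = []
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            dest = os.path.normpath(os.path.join(target_dir, info.filename))
            os.makedirs(os.path.dirname(dest), exist_ok=True)
            with open(dest, "wb") as fh:
                fh.write(zf.read(info))
            written.append(dest)
    return written


def extract_checked(jar_bytes, target_dir):
    """Hardened version: refuse the whole archive if any entry escapes target_dir.

    Rejecting the archive (rather than silently skipping bad entries) keeps a
    poisoned artifact from being served at all and makes the event visible in logs.
    """
    bad = traversal_entries(jar_bytes, target_dir)
    if bad:
        raise ValueError(f"archive entries escape {target_dir}: {bad}")
    return extract_unchecked(jar_bytes, target_dir)


def demo():
    """Run both extractors against a constructed jar inside a throwaway directory.

    The target sits two levels below the temp root, so the '../../' entry escapes
    the Javadoc directory but still stays inside the temp area on the demo host.
    """
    root = tempfile.mkdtemp(prefix="zipslip-")
    target = os.path.join(root, "javadoc", "demo")
    jar = build_jar({
        "index.html": b"<html>javadoc</html>",
        "com/example/Foo.html": b"<html>Foo</html>",
        "../../escaped.txt": b"written outside the javadoc directory",  # constructed hostile entry
    })
    flagged = traversal_entries(jar, target)

    # Vulnerable extractor: the hostile entry lands two directories up, beside 'javadoc/'.
    os.makedirs(target, exist_ok=True)
    extract_unchecked(jar, target)
    escaped = os.path.exists(os.path.join(root, "escaped.txt"))

    # Hardened extractor on a fresh target refuses the archive outright.
    try:
        extract_checked(jar, os.path.join(root, "javadoc", "demo2"))
        rejected = False
    except ValueError:
        rejected = True
    return {"flagged": flagged, "escaped": escaped, "rejected": rejected}


if __name__ == "__main__":
    print(demo())  # constructed run: the '../../escaped.txt' entry is flagged, escapes unchecked, rejected checked
```

`traversal_entries` on its own is the pre-deploy check: run it over any `-javadoc.jar` before it is published or proxied, with `target_dir` set to the directory the server would expand it into, and treat a non-empty result as a poisoned artifact.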
CVE-2024-36116 is a Path Traversal vulnerability in Reposilite Backend versions 3.5.10 and earlier, allowing attackers to upload arbitrary files via manipulated Javadoc archives.
If you are running Reposilite Backend version 3.5.10 or earlier, you are potentially affected by this vulnerability. Upgrade to version 3.5.12 or later to mitigate the risk.
The recommended fix is to upgrade Reposilite Backend to version 3.5.12 or later. Temporary workarounds include restricting file upload permissions and implementing input validation.
As of now, there are no confirmed reports of active exploitation of CVE-2024-36116, but it's crucial to apply the patch promptly.
Refer to the official Reposilite security advisory on their GitHub repository for detailed information and updates: https://github.com/dzikoysk/reposilite/security/advisories/GHSA-xxxx-xxxx-xxxx