Platform: nodejs
Component: next
Fixed in: 9.3.3, 9.3.2
CVE-2020-5284 is a directory traversal vulnerability affecting Next.js versions prior to 9.3.2. It allows an attacker to potentially read arbitrary files on the server, leading to sensitive data exposure. Deployments on ZEIT Now v2, deployments using the serverless target, and deployments using next export are not affected. Upgrading to Next.js 9.3.2 is recommended to address this issue.
Successful exploitation of CVE-2020-5284 could allow an attacker to read sensitive files from the server's file system. This could include configuration files containing database credentials, API keys, or other confidential information. The potential blast radius depends on the server's configuration and the files accessible to the application. While the vulnerability doesn't inherently lead to remote code execution, the information gained from file access could be used to facilitate further attacks. The ability to read arbitrary files represents a significant security risk, particularly in environments where sensitive data is stored on the server.
CVE-2020-5284 was publicly disclosed on March 30, 2020. There are currently no known active exploitation campaigns targeting this vulnerability. Public proof-of-concept exploits are available, indicating the vulnerability is relatively easy to exploit. It is not listed on the CISA KEV catalog.
Development teams using Next.js versions prior to 9.3.2 are at risk, particularly those deploying applications to traditional server environments (as opposed to ZEIT Now v2, the serverless target, or next export). Shared hosting environments where the application has elevated file system permissions are also at increased risk.
• nodejs / server:
find /path/to/nextjs/app -name '*.*' -type f -print0 | xargs -0 grep -i 'sensitive_data'
• nodejs / server:
npm audit --audit-level=high
• generic web: Check server access logs for unusual file requests or attempts to access files outside the expected application directory.
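The access-log check in the last item above can be automated along these lines. This is an added example, not code from the advisory or the Next.js project; the combined log format, the sample lines and all function names are assumptions constructed for illustration.

```javascript
// Added example: flag directory-traversal attempts in access-log request paths.
// SAMPLE_LOG is constructed for illustration; it is not real traffic.
const SAMPLE_LOG = [
  '203.0.113.5 - - [30/Mar/2020:10:00:01 +0000] "GET /_next/static/chunks/main.js HTTP/1.1" 200 5120',
  '203.0.113.9 - - [30/Mar/2020:10:00:07 +0000] "GET /_next/static/../example.txt HTTP/1.1" 404 12',
  '203.0.113.9 - - [30/Mar/2020:10:00:08 +0000] "GET /_next/static/%2e%2e%2fexample.txt HTTP/1.1" 404 12',
  '203.0.113.9 - - [30/Mar/2020:10:00:09 +0000] "GET /_next/static/%252e%252e/example.txt HTTP/1.1" 404 12',
  '203.0.113.9 - - [30/Mar/2020:10:00:10 +0000] "GET /_next/static/..%5cexample.txt HTTP/1.1" 404 12',
  '198.51.100.2 - - [30/Mar/2020:10:00:12 +0000] "GET /about?ref=..home HTTP/1.1" 200 734',
];

// Decode %XX escapes one at a time (never throws on malformed input) and repeat,
// so double-encoded sequences such as %252e are unmasked as well.
function fullyDecode(path, maxRounds = 3) {
  let current = path;
  for (let i = 0; i < maxRounds; i++) {
    const next = current.replace(/%([0-9a-fA-F]{2})/g,
      (_, hex) => String.fromCharCode(parseInt(hex, 16)));
    if (next === current) break;
    current = next;
  }
  return current;
}

// True when any decoded path segment (split on "/" or "\") is exactly "..".
function hasTraversal(requestTarget) {
  const pathOnly = requestTarget.split('?')[0]; // ignore the query string
  return fullyDecode(pathOnly).split(/[\\\/]/).includes('..');
}

// Parse combined-format log lines and return the requests that need review.
function findTraversalAttempts(lines) {
  const requestRe = /^(\S+) .*?"[A-Z]+ (\S+) HTTP\/[\d.]+" (\d{3})/;
  const hits = [];
  for (const line of lines) {
    const m = requestRe.exec(line);
    if (m && hasTraversal(m[2])) {
      hits.push({ ip: m[1], target: m[2], status: Number(m[3]) });
    }
  }
  return hits;
}

console.log(findTraversalAttempts(SAMPLE_LOG));
```

Each hit keeps the response status, so flagged requests that returned 200 can be reviewed first.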
EPSS: 81.95% (percentile 99%)
The primary mitigation for CVE-2020-5284 is to upgrade to Next.js version 9.3.2 or later. This version includes a fix that prevents the directory traversal vulnerability. If upgrading is not immediately feasible, consider implementing stricter file access controls on the server to limit the potential impact of a successful exploit. While a direct workaround is not available, ensuring that the Next.js application does not handle user-supplied input directly in file paths can reduce the attack surface. After upgrading, verify the fix by attempting to access files outside of the intended application directory; access should be denied.
Upgrade Next.js to version 9.3.2 or later. This fixes the path traversal vulnerability that allows access to files inside the .next directory.
CVE-2020-5284 is a directory traversal vulnerability in Next.js versions before 9.3.2 that allows attackers to potentially read arbitrary files on the server.
You are affected if you are using a Next.js version prior to 9.3.2, unless your deployment is on ZEIT Now v2, uses the serverless target, or uses next export.
Upgrade to Next.js version 9.3.2 or later to remediate the vulnerability. Implement stricter file access controls as a temporary measure if upgrading is not immediately possible.
While there are public proof-of-concept exploits available, there are currently no known active exploitation campaigns targeting this vulnerability.
You can find the official advisory and release notes on the Next.js GitHub repository: https://github.com/zeit/next.js/releases/tag/v9.3.2