Platform: wordpress
Component: stm-megamenu
Fixed in: 2.3.13
CVE-2024-35677 describes a Path Traversal vulnerability within the StylemixThemes MegaMenu WordPress plugin. This vulnerability allows an attacker to include arbitrary files on the server, potentially leading to remote code execution and complete system compromise. The vulnerability affects versions of MegaMenu up to and including 2.3.12, with a fix available in version 2.3.13.
The Path Traversal vulnerability in StylemixThemes MegaMenu is particularly dangerous because it allows for PHP Local File Inclusion (LFI). An attacker can leverage this to read sensitive files, such as configuration files containing database credentials or application code. More critically, they could include PHP files containing malicious code, leading to remote code execution (RCE). This could grant the attacker full control over the WordPress server, enabling them to steal data, modify the website, or use the server as a launchpad for further attacks. The potential blast radius extends to any data stored on the server and any systems accessible from the compromised WordPress instance.
CVE-2024-35677 was publicly disclosed on June 10, 2024. While no active exploitation campaigns have been definitively confirmed, the vulnerability's CRITICAL severity and ease of exploitation make it a high-priority target. The vulnerability is not currently listed on CISA KEV, but its potential impact warrants close monitoring. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
WordPress websites utilizing the StylemixThemes MegaMenu plugin, particularly those running older versions (≤2.3.12), are at significant risk. Shared hosting environments are especially vulnerable, as they often have limited access controls and a higher concentration of vulnerable plugins. Websites with custom MegaMenu configurations or integrations may also be at increased risk if they haven't implemented additional security measures.
• wordpress / composer / npm:
grep -r "../" /var/www/html/wp-content/plugins/megamenu/*
• generic web:
curl -I http://your-wordpress-site.com/wp-content/plugins/megamenu/../../../../etc/passwd | head -n 1
• wordpress / composer / npm:
wp plugin list --status=inactive | grep megamenu
• wordpress / composer / npm:
wp plugin update megamenu --all
Disclosure
Exploit Status
EPSS: 0.65% (71st percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2024-35677 is to immediately upgrade StylemixThemes MegaMenu to version 2.3.13 or later. If upgrading is not immediately feasible, implement temporary workarounds. These include restricting file access permissions to the MegaMenu plugin directory, implementing strict input validation to sanitize any user-supplied data used in file paths, and utilizing a Web Application Firewall (WAF) to block requests containing suspicious path traversal patterns. Consider using a WAF rule that denies requests containing directory traversal sequences like '../'. After upgrading, confirm the fix by attempting to access a non-existent file through the MegaMenu interface and verifying that access is denied.
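As an added example (not the plugin's own code; the advisory does not reproduce the vulnerable routine), a hardened PHP template loader showing the input validation the workaround above asks for. The directory constant, function names and the assumption that templates live in one fixed directory are all hypothetical:

```php
<?php
// Added example, not StylemixThemes MegaMenu code. Hypothetical layout:
// templates live in a fixed directory and are selected by a short name.
define('MEGAMENU_SAFE_TEMPLATE_DIR', __DIR__ . '/templates');

// The bug class the advisory describes looks like this (illustration only):
//   include $dir . $_GET['template'];   // raw input reaches include()
// Anything containing "../" (or a symlink) can pull in files outside $dir.

/**
 * Resolve a user-supplied template name to a file inside $base_dir,
 * or return null. Rejects traversal both before and after canonicalisation.
 */
function megamenu_safe_template_path(string $name, string $base_dir): ?string {
    // 1. Syntactic allow-list: letters, digits, '_' and '-' only.
    //    This alone rules out '/', '\\', '..', URL-encoded forms and NUL bytes.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name)) {
        return null;
    }
    $base = realpath($base_dir);
    if ($base === false) {
        return null; // template directory missing: fail closed
    }
    // 2. Canonicalise the candidate and confirm it is still under $base.
    //    This catches symlinks inside the template directory pointing elsewhere.
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $name . '.php');
    if ($candidate === false) {
        return null; // no such template
    }
    if (strpos($candidate, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null; // resolved path escaped the template directory
    }
    return $candidate;
}

function megamenu_render_template(string $name): void {
    $path = megamenu_safe_template_path($name, MEGAMENU_SAFE_TEMPLATE_DIR);
    if ($path === null) {
        http_response_code(400);
        echo 'Invalid template';
        return;
    }
    include $path; // only ever a canonical path inside the allow-listed directory
}

// Constructed inputs and their outcomes:
//   'default'                -> <base>/default.php, if that file exists
//   '../../../../etc/passwd' -> null (fails the allow-list pattern)
//   "default\0"              -> null (NUL byte fails the pattern)
```

The regex check is the cheap first gate; the realpath containment check is what still holds when a file inside the directory is itself a symlink.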
Update the MegaMenu plugin to the latest available version. The vulnerability is present in versions prior to the most recent one. To update, go to the WordPress admin panel, open the 'Plugins' section and search for 'MegaMenu' to update it.
CVE-2024-35677 is a critical Path Traversal vulnerability in the StylemixThemes MegaMenu WordPress plugin, allowing attackers to include arbitrary files on the server.
You are affected if you are using StylemixThemes MegaMenu version 2.3.12 or earlier. Upgrade to version 2.3.13 to mitigate the risk.
The recommended fix is to upgrade StylemixThemes MegaMenu to version 2.3.13. As a temporary workaround, implement strict file access controls and input validation.
While no active exploitation campaigns have been definitively confirmed, the vulnerability's severity makes it a high-priority target and exploitation is likely.
Refer to the StylemixThemes website and WordPress plugin repository for the latest advisory and update information.