Platform: python
Component: cbpi4
Fixed in: 4.4.1.a1 (commit 57572c7)
CVE-2024-3955 is a critical Remote Code Execution (RCE) vulnerability in CraftBeerPi cbpi4. The 'downloadlog' function passes the 'logtime' URL parameter to a system command without validation, so an attacker who controls that parameter can execute arbitrary commands on the host. The vulnerability affects cbpi4 versions up to and including 4.4.0 and is resolved in version 4.4.1.a1.
The impact of CVE-2024-3955 is severe. An attacker can leverage this vulnerability to gain complete control over a vulnerable CraftBeerPi cbpi4 instance. This could involve modifying system configurations, stealing sensitive data (such as brewing recipes, user credentials, or API keys), installing malware, or using the compromised system as a launchpad for further attacks on the network. The ability to execute arbitrary code effectively grants the attacker root-level access, enabling them to compromise the entire system and potentially other connected devices.
CVE-2024-3955 was publicly disclosed on May 2, 2024. While no active exploitation campaigns have been confirmed, the vulnerability's critical severity and ease of exploitation make it a high-priority target. The vulnerability is not currently listed on CISA KEV. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature.
Homebrewers and hobbyists using CraftBeerPi cbpi4 are at significant risk. Particularly vulnerable are those with exposed instances accessible from the internet or those using default configurations without proper network segmentation. Shared hosting environments running cbpi4 are also at increased risk.
• python / server: journalctl -u craftbeerpi -g 'downloadlog'
• python / server: ps aux | grep -i 'os.system(logtime'
• generic web: curl -I 'http://<target>/cbpi/http_endpoints/http_system.py?logtime=;id;'
Exploit status: disclosure
EPSS: 0.46% (64th percentile)
CVSS vector:
The primary mitigation for CVE-2024-3955 is to immediately upgrade CraftBeerPi cbpi4 to version 4.4.1.a1 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests containing suspicious values in the 'logtime' parameter. Additionally, restrict access to the 'downloadlog' endpoint to trusted networks or users. Monitor system logs for unusual activity related to the 'downloadlog' function. After upgrading, confirm the fix by attempting to access the 'downloadlog' endpoint with a crafted 'logtime' parameter and verifying that the request is rejected.
Update CraftBeerPi 4 to version 4.4.1.a1 or later. This fixes the arbitrary code execution vulnerability caused by the missing validation of the 'logtime' parameter in the 'downloadlog' function. The update ensures that the parameter is validated before it is passed to 'os.system'.
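The following is an added illustration of the fix pattern described above (strict validation of 'logtime' before any command is built) together with a small log-scan check for the injection shape the advisory mentions; it is not cbpi4's own code, and the expected 'logtime' format (a number of hours), the journalctl unit name and the request path in the sample log lines are assumptions.

```python
import re
import subprocess
from typing import Optional

# Assumption: the handler expects 'logtime' to be a number of hours of log to export.
# Only that exact shape is accepted; anything else (separators, quotes, spaces) is rejected.
LOGTIME_RE = re.compile(r"^[0-9]{1,4}$")


def validate_logtime(value) -> Optional[str]:
    """Return the value if it matches the allow-list, otherwise None.
    Shell metacharacters such as ';' or '$(' never match, so the injection
    vector described in the advisory is stopped before any command exists."""
    if not isinstance(value, str) or not LOGTIME_RE.fullmatch(value):
        return None
    return value


def build_export_command(logtime: str) -> list:
    """Build an argv list for a validated logtime.
    An argv list handed to subprocess.run (no shell=True) passes the value as one
    argument; it is never parsed by a shell, unlike os.system(...) which treats
    ';' and '|' as command separators."""
    checked = validate_logtime(logtime)
    if checked is None:
        raise ValueError("invalid logtime")
    return ["journalctl", "-u", "craftbeerpi", "--since", f"{checked} hours ago"]


def export_log(logtime: str) -> bytes:
    argv = build_export_command(logtime)  # raises ValueError on bad input
    return subprocess.run(argv, capture_output=True, check=False).stdout


# Detection: flag request-log lines whose logtime value carries shell metacharacters.
SUSPICIOUS = re.compile(r"logtime=[^&\s]*[;|&`$()<>'\"]")


def suspicious_log_lines(lines):
    return [ln for ln in lines if SUSPICIOUS.search(ln)]


# Constructed sample access-log lines (not real traffic) for the check above.
SAMPLE_LOG = [
    '10.0.0.5 - - "GET /system/downloadlog?logtime=24 HTTP/1.1" 200',
    '10.0.0.9 - - "GET /system/downloadlog?logtime=;id; HTTP/1.1" 200',
]

if __name__ == "__main__":
    print(build_export_command("24"))
    print(suspicious_log_lines(SAMPLE_LOG))
```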
CVE-2024-3955 is a critical Remote Code Execution vulnerability in CraftBeerPi cbpi4 versions up to 4.4.0. It allows attackers to execute arbitrary code via an unvalidated URL parameter.
You are affected if you are running CraftBeerPi cbpi4 version 4.4.0 or earlier. Version 4.4.1.a1 contains the fix.
Upgrade CraftBeerPi cbpi4 to version 4.4.1.a1 or later. Consider WAF rules as a temporary workaround if immediate upgrade is not possible.
While no active exploitation campaigns have been confirmed, the vulnerability's severity makes it a likely target for attackers.
Refer to the CraftBeerPi GitHub repository and release notes for the latest information and advisory regarding CVE-2024-3955.