Plataforma
python
Componente
genie
Corrigido em
4.3.19
CVE-2024-4701 describes a critical path traversal vulnerability discovered in Genie, a Python-based configuration management tool. This flaw allows attackers to potentially execute arbitrary code on vulnerable systems by manipulating file paths. Versions of Genie prior to 4.3.18 are affected, and a patch has been released in version 4.3.19 to address the issue.
The path traversal vulnerability in Genie allows an attacker to bypass intended access controls and read or write files outside of the intended directory. This can lead to a complete compromise of the system, including data exfiltration, modification of configuration files, and the execution of malicious code. Successful exploitation could grant an attacker persistent access and control over the affected system. The potential for remote code execution significantly elevates the risk, as attackers can leverage this vulnerability to install malware, create backdoors, or launch further attacks against other systems on the network. This vulnerability shares similarities with other path traversal exploits where attackers leverage improperly validated user input to navigate the file system.
CVE-2024-4701 was publicly disclosed on 2024-05-10. The vulnerability's CVSS score of 9.9 (CRITICAL) indicates a high probability of exploitation. Currently, there are no publicly available proof-of-concept exploits, but the severity of the vulnerability suggests that it is likely to be targeted by attackers. It is not currently listed on the CISA KEV catalog.
Organizations utilizing Genie for configuration management, particularly those with publicly accessible Genie instances or those running Genie as a service with elevated privileges, are at significant risk. Environments with legacy Genie configurations or those lacking robust input validation practices are especially vulnerable.
• python / server:
import os
import glob
# Check for unusual file access patterns
restricted_dir = '/path/to/genie/config/'
for file in glob.glob(os.path.join(restricted_dir, '*')):
if '..' in file:
print(f"Suspicious file access: {file}")• linux / server:
# Monitor Genie process for unusual file access
journalctl -u genie -f | grep "../"• generic web:
curl -I 'http://your-genie-server/../../../../etc/passwd' # Check for path traversal attemptsdisclosure
Status do Exploit
EPSS
17.58% (percentil 95%)
CISA SSVC
Vetor CVSS
The primary mitigation for CVE-2024-4701 is to immediately upgrade Genie to version 4.3.19 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting file access permissions and implementing strict input validation to prevent path manipulation. Employ a Web Application Firewall (WAF) with rules to block requests containing suspicious path traversal patterns (e.g., '../'). Monitor system logs and network traffic for unusual activity, particularly attempts to access files outside of expected directories. Consider using a security scanner to identify potential vulnerabilities in your Genie configuration.
Atualize Genie para a versão 4.3.19 ou posterior. Esta atualização corrige a vulnerabilidade de path traversal que permite a execução remota de código. Recomenda-se realizar a atualização o mais rápido possível para mitigar o risco.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2024-4701 is a critical path traversal vulnerability affecting Genie versions 0–4.3.18, allowing attackers to potentially execute code. It's a serious security risk requiring immediate attention.
If you are using Genie versions 0.0.0 through 4.3.18, you are affected by this vulnerability. Check your Genie version and upgrade immediately.
The recommended fix is to upgrade Genie to version 4.3.19 or later. If upgrading is not possible, implement temporary workarounds like restricting file access and using a WAF.
While no public exploits are currently available, the vulnerability's critical severity suggests it is likely to be targeted. Proactive mitigation is essential.
Refer to the official Genie project's security advisories and release notes for detailed information and updates regarding CVE-2024-4701.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.
Envie seu arquivo requirements.txt e descubra na hora se você está afetado.