Platform: other
Component: ltcms
Fixed in: 1.0.21
CVE-2024-7742 is a critical server-side request forgery (SSRF) vulnerability in ltcms version 1.0.20. The flaw allows attackers to manipulate API requests, potentially leading to unauthorized access to internal resources and sensitive data. A fix is available in version 1.0.21, and the vulnerability details have been publicly disclosed.
The SSRF vulnerability in ltcms allows an attacker to craft malicious requests through the /api/file/multiDownload endpoint. By manipulating the file argument, an attacker can force the server to make requests to arbitrary internal or external URLs. This could expose sensitive internal services, databases, or cloud resources that are not directly accessible from the internet. Successful exploitation could lead to data breaches, privilege escalation, and potentially even remote code execution if internal services are vulnerable. The public disclosure of this vulnerability significantly increases the risk of exploitation.
This vulnerability has been publicly disclosed, increasing the likelihood of exploitation. The vendor, wanglongcn, has not responded to early disclosure attempts. The vulnerability is not currently listed on CISA KEV, but its public nature warrants close monitoring. Public proof-of-concept exploits are likely to emerge, further accelerating the risk.
Organizations running ltcms version 1.0.20, particularly those with sensitive internal resources reachable through the API, are at significant risk. Shared hosting environments running ltcms are also exposed, as they may lack the ability to implement granular network controls.
disclosure
Exploit status
EPSS
0.15% (35th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-7742 is to immediately upgrade ltcms to version 1.0.21 or later, which contains the fix. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting outbound network access from the ltcms server using a firewall or proxy. Implement strict input validation on the file parameter in the /api/file/multiDownload endpoint to prevent malicious URL manipulation. Monitor API logs for suspicious outbound requests.
Update to a patched version or disable the /api/file/multiDownload endpoint. If no patched version is available, implement robust validation of the 'file' parameter to prevent requests to unauthorized URLs. Monitor network traffic to detect suspicious activity.
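The validation of the 'file' parameter that the two mitigation paragraphs above call for, as an added Python example (not code from ltcms or its vendor): the URL is checked against an allowlist of schemes, ports and hosts, and the host is resolved and rejected if it points at a loopback, private or link-local address. The allowed hosts, the `validate_download_url` name and the injectable `resolver` are assumptions for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical deployment policy: only these origins may be fetched on a user's behalf.
ALLOWED_HOSTS = {"cdn.example.com", "files.example.com"}
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {None, 80, 443}


def default_resolver(host):
    """Resolve a hostname to every address it currently points at (A and AAAA)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_public_address(ip):
    """False for loopback, RFC 1918, link-local (incl. 169.254.169.254), multicast, etc."""
    addr = ipaddress.ip_address(ip)
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def validate_download_url(value, resolver=default_resolver):
    """Return (ok, reason) for a candidate 'file' value before any request is made."""
    try:
        parts = urlsplit(value)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False, "malformed URL"
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if parts.username or parts.password:
        return False, "credentials in URL"
    if port not in ALLOWED_PORTS:
        return False, "port not allowed"
    host = parts.hostname
    if not host or host not in ALLOWED_HOSTS:
        return False, "host not in allowlist"
    try:
        addrs = resolver(host)
    except OSError:
        return False, "host does not resolve"
    for ip in addrs:
        if not is_public_address(ip):
            return False, f"host resolves to non-public address {ip}"
    # Caveat: to defeat DNS rebinding, the HTTP client must connect to one of
    # the addresses checked here rather than resolving the name a second time.
    return True, "ok"
```

Rejections are returned as reasons so the endpoint can log them, which gives the "monitor for suspicious requests" advice something concrete to alert on.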
CVE-2024-7742 is a critical server-side request forgery (SSRF) vulnerability affecting ltcms version 1.0.20, allowing attackers to manipulate API requests and potentially access internal resources.
If you are running ltcms version 1.0.20, you are affected by this SSRF vulnerability. Upgrade to version 1.0.21 or later to mitigate the risk.
The recommended fix is to upgrade ltcms to version 1.0.21 or later. As a temporary workaround, restrict outbound network access and implement strict input validation on the file parameter.
While active exploitation is not yet confirmed, the public disclosure of this vulnerability significantly increases the risk of exploitation. Monitor your systems closely.
Due to the vendor's lack of response, an official advisory may not be available. Monitor security news sources and vulnerability databases for updates.