CVE-2024-51747 describes a critical Arbitrary File Access vulnerability affecting Kanboard project management software versions up to 1.2.42. An authenticated administrator can exploit this flaw to read and delete arbitrary files on the server, potentially leading to complete data compromise. The vulnerability stems from insecure handling of file paths within the project database, allowing for path traversal attacks. A fix is available in version 1.2.42.
Impact and attack scenarios
This vulnerability poses a significant risk to Kanboard deployments. An attacker, once authenticated as an administrator, can leverage path traversal techniques to access and delete any file accessible by the web server process. This includes sensitive configuration files, database backups, and potentially even system files. The impact extends beyond simple data theft; an attacker could potentially gain complete control over the server by modifying critical system files or executing arbitrary code through file inclusion vulnerabilities. The ability to delete files also allows for denial-of-service attacks and data destruction, severely disrupting project management operations.
Exploitation background
CVE-2024-51747 was publicly disclosed on 2024-11-11. There is currently no indication of active exploitation in the wild, but the ease of exploitation and the critical severity warrant immediate attention. No KEV listing exists as of this writing. Public proof-of-concept code is likely to emerge given the vulnerability's nature and the fact that nothing beyond administrator access is required.
Who is at risk
Organizations utilizing Kanboard for project management, particularly those running versions prior to 1.2.42, are at risk. This includes small to medium-sized businesses relying on Kanboard's Kanban methodology and potentially shared hosting environments where Kanboard instances are deployed alongside other applications, increasing the risk of cross-site contamination.
Detection steps
• php / web: find /var/www/kanboard -type f -name 'sqlite.db' -print
• php / web: Check Kanboard version using php -v and verify it's below 1.2.42.
• php / web: Monitor web server access logs for requests containing '../' sequences in the file path.
• php / web: Review Kanboard project database for unusual file paths associated with project files.
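As an added example (not from this page or the Kanboard project), the log-monitoring step above carried out in Python over a few constructed combined-format access log lines; the request paths are made up and are not Kanboard's real routes. It also catches percent-encoded and double-encoded forms of the sequence, which a plain '../' grep would miss.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Apache/nginx combined log format.
# The URLs are illustrative only, not Kanboard's actual routes.
SAMPLE_LOG = """\
203.0.113.5 - - [11/Nov/2024:10:00:01 +0000] "GET /kanboard/?action=download&file=report.pdf HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [11/Nov/2024:10:00:02 +0000] "GET /kanboard/?action=download&file=../../config.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [11/Nov/2024:10:00:03 +0000] "GET /kanboard/?action=download&file=..%2F..%2Fconfig.php HTTP/1.1" 200 2048 "-" "curl/8.0"
198.51.100.7 - - [11/Nov/2024:10:00:04 +0000] "GET /kanboard/?action=download&file=%252e%252e%252fdata%252fdb.sqlite HTTP/1.1" 404 0 "-" "curl/8.0"
192.0.2.9 - - [11/Nov/2024:10:00:05 +0000] "GET /kanboard/assets/css/app.css HTTP/1.1" 200 7331 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, method, request target and status from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A parent-directory step with either separator: "../" or "..\".
TRAVERSAL_RE = re.compile(r'\.\.[/\\]')


def fully_decode(value, max_rounds=3):
    """Percent-decode until the string stops changing, so %252e (double-encoded) is caught."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal(log_text):
    """Return one record per request whose decoded target contains a traversal sequence."""
    hits = []
    for line in log_text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue  # skip lines that are not in combined format
        target = match.group('target')
        decoded = fully_decode(target)
        if TRAVERSAL_RE.search(decoded):
            hits.append({
                'ip': match.group('ip'),
                'time': match.group('ts'),
                'status': int(match.group('status')),
                'target': target,
                'encoded': decoded != target,  # True when the client hid the sequence behind %-encoding
            })
    return hits


if __name__ == '__main__':
    for hit in find_traversal(SAMPLE_LOG):
        print(f"{hit['ip']} {hit['status']} encoded={hit['encoded']} {hit['target']}")
```

A 200 response on such a request is the signal to investigate; a 404 still shows someone probing the instance.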
Threat intelligence
EPSS: 1.98% (84th percentile)
CVSS vector: what do these metrics mean?
- Attack Vector: Network. Exploitable remotely over the internet; no physical or local access needed. Largest attack surface.
- Attack Complexity: Low. No special conditions are required; the vulnerability can be exploited reliably.
- Privileges Required: High. An administrator or otherwise privileged account is required.
- User Interaction: None. The attack is automatic and silent; the victim does not need to do anything.
- Scope: Changed. The attack can reach beyond the vulnerable component and affect other systems.
- Confidentiality: High. Complete loss of confidentiality; the attacker can read all data.
- Integrity: High. The attacker can write, modify or delete any data.
- Availability: High. Complete crash or resource exhaustion; total denial of service.
Mitigations and workarounds
The primary mitigation is to immediately upgrade Kanboard to version 1.2.42 or later. If upgrading is not immediately feasible due to compatibility issues or downtime constraints, consider implementing temporary workarounds. Restrict file upload permissions to the Kanboard user account, minimizing the potential attack surface. Implement strict input validation on all file paths used within the application to prevent path traversal attempts. Monitor web server access logs for suspicious file access patterns, particularly requests containing directory traversal sequences (e.g., '../'). After upgrading, verify the fix by attempting to access a file outside the intended project directory through the file attachment feature; access should be denied.
Remediation
Upgrade Kanboard to version 1.2.42 or later. This version contains the fix for the arbitrary file read and delete vulnerability. The upgrade can be performed through the Kanboard admin panel, or by downloading the latest release and replacing the existing files.
Frequently asked questions
What is CVE-2024-51747 — Arbitrary File Access in Kanboard?
CVE-2024-51747 is a critical vulnerability in Kanboard versions up to 1.2.42 allowing authenticated admins to read and delete arbitrary files on the server via path traversal.
Am I affected by CVE-2024-51747 in Kanboard?
Yes, if you are running Kanboard version 1.2.42 or earlier, you are vulnerable to this Arbitrary File Access issue.
How do I fix CVE-2024-51747 in Kanboard?
Upgrade Kanboard to version 1.2.42 or later to resolve this vulnerability. Implement temporary workarounds like restricting file upload permissions if immediate upgrade is not possible.
Is CVE-2024-51747 being actively exploited?
There is currently no confirmed active exploitation, but the vulnerability's severity and ease of exploitation suggest it could be targeted soon.
Where can I find the official Kanboard advisory for CVE-2024-51747?
Refer to the Kanboard security advisory on their official website or GitHub repository for detailed information and updates.