Local File System Validation Bypass Vulnerability in CraftCMS by Craft
CVE-2024-52291

7.2HIGH

Key Information:

Vendor
Craftcms
Status
Craft Cms
Vendor
CVE Published:
13 November 2024

Summary

A vulnerability exists in CraftCMS that allows an attacker to bypass local file system validation through a crafted double file:// scheme. This exploitation could enable the attacker to define sensitive directories as the file system, resulting in malicious uploads that may overwrite files or grant unauthorized access to sensitive data. Furthermore, under certain conditions, this vulnerability could facilitate remote code execution via Server-Side Template Injection payloads, provided the attacker has an authenticated administrator account with allowAdminChanges enabled. This issue has been addressed in CraftCMS versions 5.4.6 and 4.12.5.

References

https://github.com/craftcms/cms/security/advisories/GHSA-...

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2024-52291 : Local File System Validation Bypass Vulnerability in CraftCMS by Craft | SecurityVulnerability.io