216.73.217.176

CVE-2024-52291

· Published 13/11/2024 17:15 · Modified 19/11/2024 18:06

Labels: CVE-2024-52291 2024-11-13CVE-2024-52291CWE-22[email protected]

Essential information

Published
13/11/2024 17:15
Modified
19/11/2024 18:06
Author
Creator
CVSS
8.4 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

CVSS metrics

Description

Craft is a content management system (CMS). A vulnerability in CraftCMS allows an attacker to bypass local file system validation by utilizing a double file:// scheme (e.g., file://file:////). This enables the attacker to specify sensitive folders as the file system, leading to potential file overwriting through malicious uploads, unauthorized access to sensitive files, and, under certain conditions, remote code execution (RCE) via Server-Side Template Injection (SSTI) payloads. Note that this will only work if you have an authenticated administrator account with allowAdminChanges enabled. This is fixed in 5.4.6 and 4.12.5.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
craftcms / craft cms cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*
craftcms / craft cms cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*
craftcms / craft cms cpe:2.3:a:craftcms:craft_cms:4.0.0:rc1:*:*:*:*:*:*
craftcms / craft cms cpe:2.3:a:craftcms:craft_cms:4.0.0:rc2:*:*:*:*:*:*
craftcms / craft cms cpe:2.3:a:craftcms:craft_cms:4.0.0:rc3:*:*:*:*:*:*
craftcms / craft cms cpe:2.3:a:craftcms:craft_cms:5.0.0:rc1:*:*:*:*:*:*

References