CVE-2021-35397

Опубликовано: 04 авг. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

A path traversal vulnerability in the static router for Drogon from 1.0.0-beta14 to 1.6.0 could allow an unauthenticated, remote attacker to arbitrarily read files. The vulnerability is due to lack of proper input validation for requested path. An attacker could exploit this vulnerability by sending crafted HTTP request with specific path to read. Successful exploitation could allow the attacker to read files that should be restricted.

Ссылки

https://github.com/an-tao/drogon
Third Party Advisory
https://github.com/an-tao/drogon/blob/834e3eabdd0441ad2bc80c02e8bbfc3b8312c213/lib/src/StaticFileRouter.cc#L62-L67
Exploit
Third Party Advisory
https://github.com/an-tao/drogon/wiki/ENG-02-Installation
Third Party Advisory
https://github.com/an-tao/drogon/wiki/ENG-03-Quick-Start#Static-Site
Third Party Advisory
https://github.com/an-tao/drogon
Third Party Advisory
https://github.com/an-tao/drogon/blob/834e3eabdd0441ad2bc80c02e8bbfc3b8312c213/lib/src/StaticFileRouter.cc#L62-L67
Exploit
Third Party Advisory
https://github.com/an-tao/drogon/wiki/ENG-02-Installation
Third Party Advisory
https://github.com/an-tao/drogon/wiki/ENG-03-Quick-Start#Static-Site
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:drogon:drogon:*:*:*:*:*:*:*:*

Версия от 1.1.0 (включая) до 1.6.0 (включая)

cpe:2.3:a:drogon:drogon:1.0.0:-:*:*:*:*:*:*

cpe:2.3:a:drogon:drogon:1.0.0:beta14:*:*:*:*:*:*

cpe:2.3:a:drogon:drogon:1.0.0:beta15:*:*:*:*:*:*

cpe:2.3:a:drogon:drogon:1.0.0:beta16:*:*:*:*:*:*

cpe:2.3:a:drogon:drogon:1.0.0:beta17:*:*:*:*:*:*

cpe:2.3:a:drogon:drogon:1.0.0:beta18:*:*:*:*:*:*

cpe:2.3:a:drogon:drogon:1.0.0:beta19:*:*:*:*:*:*

cpe:2.3:a:drogon:drogon:1.0.0:beta20:*:*:*:*:*:*

cpe:2.3:a:drogon:drogon:1.0.0:beta21:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02944

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-69wp-9456-2p9w

github

больше 3 лет назад