CVE-2024-56509 (GCVE-0-2024-56509)
Vulnerability from cvelistv5 – Published: 2024-12-27 15:56 – Updated: 2024-12-27 20:55
VLAI?
Title
changedetection.io has Improper Input Validation Leading to LFR/Path Traversal
Summary
changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or file: ///etc/passwd can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient. This vulnerability is fixed in 0.48.05.
Severity ?
8.6 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| dgtlmoon | changedetection.io |
Affected:
< 0.48.05
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56509",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T20:55:06.406919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T20:55:14.288Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "changedetection.io",
"vendor": "dgtlmoon",
"versions": [
{
"status": "affected",
"version": "\u003c 0.48.05"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or file: ///etc/passwd can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient. This vulnerability is fixed in 0.48.05."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T15:56:04.490Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8"
},
{
"name": "https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a"
}
],
"source": {
"advisory": "GHSA-j5vv-6wjg-cfr8",
"discovery": "UNKNOWN"
},
"title": "changedetection.io has Improper Input Validation Leading to LFR/Path Traversal"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-56509",
"datePublished": "2024-12-27T15:56:04.490Z",
"dateReserved": "2024-12-26T19:31:41.125Z",
"dateUpdated": "2024-12-27T20:55:14.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-56509\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-27T20:55:06.406919Z\"}}}], \"references\": [{\"url\": \"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-27T20:54:56.614Z\"}}], \"cna\": {\"title\": \"changedetection.io has Improper Input Validation Leading to LFR/Path Traversal\", \"source\": {\"advisory\": \"GHSA-j5vv-6wjg-cfr8\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"dgtlmoon\", \"product\": \"changedetection.io\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.48.05\"}]}], \"references\": [{\"url\": \"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8\", \"name\": \"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a\", \"name\": \"https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or file: ///etc/passwd can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient. This vulnerability is fixed in 0.48.05.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-12-27T15:56:04.490Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-56509\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-27T20:55:14.288Z\", \"dateReserved\": \"2024-12-26T19:31:41.125Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-12-27T15:56:04.490Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2024-56509
Vulnerability from fkie_nvd - Published: 2024-12-27 16:15 - Updated: 2024-12-27 21:15
Severity ?
Summary
changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or file: ///etc/passwd can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient. This vulnerability is fixed in 0.48.05.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or file: ///etc/passwd can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient. This vulnerability is fixed in 0.48.05."
},
{
"lang": "es",
"value": "changedetection.io es un servicio gratuito de c\u00f3digo abierto de detecci\u00f3n de cambios en p\u00e1ginas web, vigilancia de sitios web, monitorizaci\u00f3n de reabastecimiento y notificaci\u00f3n. La validaci\u00f3n incorrecta de la entrada en la aplicaci\u00f3n puede permitir a los atacantes realizar ataques de lectura local de archivos (LFR) o de path traversal. Estas vulnerabilidades ocurren cuando la entrada del usuario se utiliza para construir rutas de archivos sin una desinfecci\u00f3n o validaci\u00f3n adecuadas. Por ejemplo, el uso de file:../../../etc/passwd o file: ///etc/passwd puede eludir validaciones d\u00e9biles y permitir el acceso no autorizado a archivos confidenciales. Aunque esto se ha solucionado en un parche anterior, sigue siendo insuficiente. Esta vulnerabilidad se ha corregido en la versi\u00f3n 0.48.05."
}
],
"id": "CVE-2024-56509",
"lastModified": "2024-12-27T21:15:08.483",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-12-27T16:15:25.333",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-J5VV-6WJG-CFR8
Vulnerability from github – Published: 2024-12-27 18:02 – Updated: 2024-12-27 19:09
VLAI?
Summary
changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal
Details
Summary
Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or file: ///etc/passwd can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient.
Details
The check in this line of code is insufficient.
if re.search(r'^file:/', url.strip(), re.IGNORECASE):
The attacker can still bypass this by using:
-file:../../../../etc/passwd
-file: ///etc/passwd (with space before /)
PoC
- Open up a changedetection.io instance with a webdriver configured.
- Create a new watch with
file:../../../../etc/passwd. - Check the watch preview.
- The contents of
/etc/passwdshould pop out.
Screenshots
Severity ?
8.6 (High)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "changedetection.io"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.48.05"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-56509"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2024-12-27T18:02:02Z",
"nvd_published_at": "2024-12-27T16:15:25Z",
"severity": "HIGH"
},
"details": "### Summary\nImproper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using `file:../../../etc/passwd` or `file: ///etc/passwd` can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient.\n\n### Details\nThe check in this line of code is insufficient.\n```\nif re.search(r\u0027^file:/\u0027, url.strip(), re.IGNORECASE):\n```\nThe attacker can still bypass this by using:\n-`file:../../../../etc/passwd`\n-`file: ///etc/passwd` (with space before /)\n\n### PoC\n- Open up a changedetection.io instance with a webdriver configured.\n- Create a new watch with `file:../../../../etc/passwd`.\n- Check the watch preview.\n- The contents of `/etc/passwd` should pop out.\n\n### Screenshots\n\n",
"id": "GHSA-j5vv-6wjg-cfr8",
"modified": "2024-12-27T19:09:04Z",
"published": "2024-12-27T18:02:02Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56509"
},
{
"type": "WEB",
"url": "https://github.com/dgtlmoon/changedetection.io/commit/4419bc0e61d0b03c588bd573a3602bbcfd953671"
},
{
"type": "WEB",
"url": "https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a"
},
{
"type": "PACKAGE",
"url": "https://github.com/dgtlmoon/changedetection.io"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…