CVE-2024-55602

Public Exploit

PenDoc vulnerable to Arbitrary File Read on updating and downloading templates using Path Traversal

Description

PwnDoc is a penetration test report generator. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an authenticated user who is able to update and download templates can inject path traversal (`../`) sequences into the file extension property to read arbitrary files on the system. Commit 1d4219c596f4f518798492e48386a20c6e9a2fe6 contains a patch for the issue.

References

Link	Tags
https://github.com/pwndoc/pwndoc/security/advisories/GHSA-2mqc-gg7h-76p6	vendor advisory exploit
https://github.com/pwndoc/pwndoc/commit/1d4219c596f4f518798492e48386a20c6e9a2fe6	patch
https://gist.github.com/JorianWoltjer/8a42e25c6dfa7604020d2a226e193407	product
https://github.com/pwndoc/pwndoc/blob/2e7f5747d5688b1368e549c786ce7266fe5ab2b5/backend/src/routes/template.js#L103	product
https://github.com/pwndoc/pwndoc/blob/2e7f5747d5688b1368e549c786ce7266fe5ab2b5/backend/src/routes/template.js#L43-L47	product

Frequently Asked Questions

What is the severity of CVE-2024-55602?: CVE-2024-55602 has been scored as a high severity vulnerability.
How to fix CVE-2024-55602?: To fix CVE-2024-55602, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-55602 being actively exploited in the wild?: It is possible that CVE-2024-55602 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-55602?: CVE-2024-55602 affects pwndoc pwndoc.

Description

Category

CWE-22 – Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

References

Frequently Asked Questions