CVE-2018-1000882

Exploit

EPSS 0.5%
Veröffentlicht 20.12.2018 17:29:01
Zuletzt bearbeitet 21.11.2024 03:40:34
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Webidsupport ≫ Webid Version <= 1.2.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.5%	0.635

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f

Patch

https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt

Third Party Advisory

Exploit

http://bugs.webidsupport.com/view.php?id=646

Vendor Advisory

Release Notes

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2018-1000882

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-1000882

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-1000882

EUVD