CVE-2024-2083

Exploit

EPSS 0.38%
Published 16.04.2024 00:15:11
Last modified 12.05.2025 13:12:08
Source security@huntr.dev
Teams watchlist Login
Open Login

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Zenml ≫ Zenml Version < 0.55.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.38%	0.585

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.9	3.1	6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
security@huntr.dev	9.9	3.1	6	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-29 Path Traversal: '\..\filename'

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

https://github.com/zenml-io/zenml/commit/00e934f33a243a554f5f65b80eefd5ea5117367b

Patch

Third Party Advisory

https://huntr.com/bounties/f24b2216-6a4b-42a1-becb-9b47e6cf117f

Third Party Advisory

Exploit

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2024-2083

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-2083

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-2083

EUVD