CVE-2024-6396

Exploit

EPSS 90.83%
Veröffentlicht 12.07.2024 00:15:01
Zuletzt bearbeitet 23.07.2025 20:56:39
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Aimstack ≫ Aim Version3.19.3 SwPlatformpython

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	90.83%	0.996

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@huntr.dev	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-29 Path Traversal: '\..\filename'

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

https://huntr.com/bounties/c1b17afd-4656-47bb-8310-686a9e1b04a0

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-6396

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-6396

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-6396

EUVD