9.8

CVE-2024-6396

Exploit

Arbitrary File Overwrite and Data Exfiltration in aimhubio/aim

A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution. 
Data provided by the National Vulnerability Database (NVD)

Affected product: Aimstack Aim, version 3.19.3, software platform: python

No advisory was found for this CVE.

EPSS Metrics

Type    Source      Score    Percentile
EPSS    FIRST.org   53.39%   0.989

CVSS Metrics

Source               Base Score   Exploit Score   Impact Score   Vector String
security@huntr.dev   9.8          3.9             5.9            CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-29 Path Traversal: '\..\filename'

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

https://huntr.com/bounties/c1b17afd-4656-47bb-8310-686a9e1b04a0
Third Party Advisory
Exploit