django-s3file directory traversal | CVE-2022-24840
NAME
django-s3file directory traversal
- Platforms Affected: django-s3file 5.5.0
- Risk Level: 9.1
- Exploitability: Unproven
- Consequences: Obtain Information
DESCRIPTION
django-s3file could allow a remote attacker to traverse directories on the system, caused by a flaw when the AWS_LOCATION setting is set. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to access or delete arbitrary files on the system.
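The flaw described above is the classic path-traversal shape: a client-controlled object key is joined to the configured prefix without checking that the result still lies under that prefix. The following is an added example of the kind of check that closes that gap; it is not code from django-s3file or its fix, and the setting name is only used as a sample value. The function names `key_is_within_location` and `checked_upload_key` are hypothetical, and the sample keys are constructed for illustration.

```python
import posixpath

# Constructed sample setting; in a Django project this would be settings.AWS_LOCATION.
AWS_LOCATION = "uploads"


def key_is_within_location(key: str, location: str = AWS_LOCATION) -> bool:
    """Return True only if `key`, after collapsing '.', '..' and '//' segments,
    still names an object underneath the configured upload prefix.

    Validate the decoded value that will actually be used as the S3 key, not a
    URL-encoded form of it, so that '%2e%2e' is seen as '..' here.
    """
    if not key or "\x00" in key:
        return False
    prefix = location.strip("/") + "/" if location else ""
    # S3 keys are '/'-separated strings, so POSIX rules apply regardless of host OS.
    normalized = posixpath.normpath(key)
    # A leading '/' or a surviving '..' means the key escaped the prefix (or the root).
    if normalized.startswith("/") or normalized == ".." or normalized.startswith("../"):
        return False
    if normalized in (".", ""):
        return False
    # The comparison includes the trailing '/', so 'uploads-other/x' is not accepted.
    return normalized.startswith(prefix)


def checked_upload_key(key: str, location: str = AWS_LOCATION) -> str:
    """Return the normalized key if it is within the prefix, else raise ValueError.

    Hypothetical helper: code that moves or deletes a temporary upload would
    call this before touching storage with the client-supplied key.
    """
    if not key_is_within_location(key, location):
        raise ValueError(f"upload key escapes {location!r}: {key!r}")
    return posixpath.normpath(key)


if __name__ == "__main__":
    # Constructed sample keys: the first two are legitimate, the rest escape the prefix.
    for sample in [
        "uploads/tmp/abc123/report.pdf",
        "uploads/tmp/../tmp/report.pdf",
        "uploads/../private/secrets.txt",
        "/uploads/report.pdf",
        "uploads-other/report.pdf",
    ]:
        print(f"{sample!r:40} -> {key_is_within_location(sample)}")
```

The check normalizes first and compares second, which is what makes it robust: a key such as `uploads/tmp/../tmp/report.pdf` is still accepted because it resolves inside the prefix, while `uploads/../private/secrets.txt` resolves to `private/secrets.txt` and is rejected. Rejecting rather than silently rewriting a bad key also gives you a log line to alert on.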
CVSS 3.0 Information
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Access Vector: Network
- Access Complexity: Low
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: None
- Remediation Level: Official Fix
MITIGATION
Upgrade to the latest version of django-s3file (5.5.1 or later), available from the django-s3file GIT Repository. See References.
- Reference Link: https://github.com/codingjoe/django-s3file/security/advisories/GHSA-4w8f-hjm9-xwgf
- Reference Link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24840