CVE-2024-55602

moderate-risk
Published 2024-12-10

PwnDoc is a penetration test report generator. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an authenticated user who is able to update and download templates can inject path traversal (`../`) sequences into the file extension property to read arbitrary files on the system. Commit 1d4219c596f4f518798492e48386a20c6e9a2fe6 contains a patch for the issue.

Do I need to act?

-
0.45% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.6/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Pwndoc Project

References (7)

Product https://gist.github.com/JorianWoltjer/8a42e25c6dfa7604020d2a226e193407
Product https://github.com/pwndoc/pwndoc/blob/2e7f5747d5688b1368e549c786ce7266fe5ab2b5/b...
Product https://github.com/pwndoc/pwndoc/blob/2e7f5747d5688b1368e549c786ce7266fe5ab2b5/b...
Patch https://github.com/pwndoc/pwndoc/commit/1d4219c596f4f518798492e48386a20c6e9a2fe6
Exploit https://github.com/pwndoc/pwndoc/security/advisories/GHSA-2mqc-gg7h-76p6
Product https://gist.github.com/JorianWoltjer/8a42e25c6dfa7604020d2a226e193407
Exploit https://github.com/pwndoc/pwndoc/security/advisories/GHSA-2mqc-gg7h-76p6
34
/ 100
moderate-risk
Severity 27/34 · High
Exploitability 2/34 · Minimal
Exposure 5/34 · Minimal