CVE-2017-14196
📋 TL;DR
This CVE describes a path traversal vulnerability in Squiz Matrix's File Bridge plugin that allows attackers to confirm the existence of files outside the bridged directory. It affects Squiz Matrix versions 5.3 through 5.3.6.1 and 5.4.1.3. The vulnerability enables information disclosure about file system structure without necessarily reading file contents.
💻 Affected Systems
- Squiz Matrix CMS
📦 What is this software?
Matrix by Squiz
⚠️ Risk & Real-World Impact
Worst Case
Attackers could map the entire file system structure, identify sensitive files, and use this information for further attacks like directory traversal to read or write files.
Likely Case
Attackers confirm existence of files outside intended directories, potentially discovering configuration files, backups, or other sensitive data locations.
If Mitigated
With proper access controls and network segmentation, impact is limited to confirming file existence without actual data exposure.
🎯 Exploit Status
The vulnerability is simple to exploit via crafted URL parameters. Public details available in referenced advisories.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions after 5.3.6.1 and 5.4.1.3
Vendor Advisory: http://devalias.net/devalias/2017/09/07/squiz-matrix-multiple-vulnerabilities/
Restart Required: No
Instructions:
1. Upgrade to Squiz Matrix version 5.3.6.2 or later for 5.3.x branch
2. Upgrade to version 5.4.1.4 or later for 5.4.x branch
3. Apply vendor patches if available
4. Verify File Bridge plugin is properly configured after update
🔧 Temporary Workarounds
Disable File Bridge Plugin
Temporarily disable the vulnerable File Bridge plugin if immediate patching isn't possible.
Navigate to Squiz Matrix admin panel > Plugins > Disable File Bridge
Restrict Access
Implement network access controls to restrict access to Squiz Matrix administration interfaces.
Configure firewall rules to limit access to Squiz Matrix ports
🧯 If You Can't Patch
- Implement strict input validation and path sanitization in the File Bridge plugin
- Deploy web application firewall (WAF) with path traversal protection rules
🔍 How to Verify
Check if Vulnerable:
Test whether files outside the bridged path can be reached using path traversal sequences in File Bridge requests.
Check Version:
Check Squiz Matrix version in admin panel or configuration files
Verify Fix Applied:
Attempt the same path traversal techniques after patching; they should fail with proper error handling.
📡 Detection & Monitoring
Log Indicators:
- Multiple failed attempts with path traversal sequences in File Bridge requests
- Unusual file path patterns in access logs
Network Indicators:
- HTTP requests containing '../' or similar traversal patterns to File Bridge endpoints
SIEM Query:
source="web_logs" AND (uri="*../*" OR uri="*..\\*" OR uri="*%2e%2e%2f*") AND uri="*file_bridge*"
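The log and network indicators above, as an added example that is not part of this advisory or of Squiz's own tooling: a small Python scanner that normalises each request URI (repeated percent-decoding, backslash folding) before matching, run over constructed sample log lines. The /file_bridge/ URI prefix is an assumption, not the plugin's documented route.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Constructed sample access-log lines (combined-log style); the /file_bridge/
# path prefix is an assumption, not the plugin's documented route.
SAMPLE_LOG = """\
203.0.113.5 - - [07/Sep/2017:10:01:02 +0000] "GET /file_bridge/docs/report.pdf HTTP/1.1" 200 5120
203.0.113.9 - - [07/Sep/2017:10:01:05 +0000] "GET /file_bridge/../../etc/passwd HTTP/1.1" 404 210
203.0.113.9 - - [07/Sep/2017:10:01:06 +0000] "GET /file_bridge/%2e%2e%2f%2e%2e%2fetc/hosts HTTP/1.1" 404 210
203.0.113.9 - - [07/Sep/2017:10:01:07 +0000] "GET /file_bridge/%252e%252e%252fconfig.php HTTP/1.1" 404 210
198.51.100.2 - - [07/Sep/2017:10:02:00 +0000] "GET /file_bridge/..%5c..%5cwin.ini HTTP/1.1" 404 210
198.51.100.7 - - [07/Sep/2017:10:03:00 +0000] "GET /news/../index.html HTTP/1.1" 200 800
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)
# A '..' segment bounded by separators (after normalisation) is a traversal.
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')

def normalize_uri(uri, max_rounds=3):
    """Percent-decode until stable (bounded) and fold '\\' into '/'; repeated
    decoding catches double encoding such as %252e%252e%252f."""
    decoded = uri
    for _ in range(max_rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")

def is_traversal_attempt(uri):
    return TRAVERSAL_RE.search(normalize_uri(uri)) is not None

def scan_log(text, endpoint_marker="file_bridge"):
    """Return (ip, status, raw_uri) for traversal attempts aimed at File Bridge URIs."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the scan
        uri = m.group("uri")
        if endpoint_marker in normalize_uri(uri).lower() and is_traversal_attempt(uri):
            hits.append((m.group("ip"), int(m.group("status")), uri))
    return hits

def attempts_by_ip(hits):
    return Counter(ip for ip, _, _ in hits)  # repeated attempts per source address
```

Unlike the wildcard SIEM query, the decoder also flags double-encoded (%252e) and backslash-encoded (%5c) variants; set endpoint_marker to the actual File Bridge route in your deployment.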