CVE-2021-38758
📋 TL;DR
CVE-2021-38758 is a directory traversal vulnerability in Online Catering Reservation System 1.0 that allows attackers to read arbitrary files on the server by manipulating file paths in index.php. This affects all installations of version 1.0 of this specific catering reservation software.
💻 Affected Systems
- Online Catering Reservation System
📦 What is this software?
Online Catering Reservation System by Online Catering Reservation System Project
⚠️ Risk & Real-World Impact
Worst Case
Attackers could read sensitive files like configuration files, database credentials, or system files, potentially leading to full system compromise if credentials are exposed.
Likely Case
Unauthorized file disclosure including configuration files, source code, and potentially sensitive customer data stored in accessible files.
If Mitigated
Limited impact with proper file permissions and web server configuration restricting access to sensitive directories.
🎯 Exploit Status
Simple path traversal via index.php parameter manipulation. Public exploit code available in GitHub repositories.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: None
Vendor Advisory: None
Restart Required: No
Instructions:
No official patch available. Consider upgrading to a different catering reservation system or implementing custom fixes.
🔧 Temporary Workarounds
Input Validation Filter
Add input validation to index.php to filter directory traversal sequences
Modify index.php to validate and sanitize file path parameters before processing. Stripping '../' substrings alone is not sufficient (encoded and double-encoded variants bypass such filters); resolve the requested path to its canonical form and reject it unless it lies inside the intended directory.
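The check described in this workaround, written out as an added example (not code from the Online Catering Reservation System project, whose index.php is PHP; this is a language-neutral Python illustration, and the same logic can be written in PHP with realpath()). The `safe_resolve()` function, the `UnsafePath` class and the sample inputs in `demo()` are constructed here; the base directory is a temporary folder created by the example itself.

```python
import os
import tempfile
from urllib.parse import unquote


class UnsafePath(ValueError):
    """Raised when a requested path would escape the allowed base directory."""


def safe_resolve(base_dir: str, requested: str) -> str:
    """Return the canonical absolute path for `requested` if, and only if,
    it lies inside `base_dir`; otherwise raise UnsafePath.

    The decision is made on the *resolved* path (symlinks and '..' already
    collapsed), so it does not depend on spotting '../' substrings and is
    not fooled by encoding tricks or by symlinks pointing outside the base.
    """
    base = os.path.realpath(base_dir)

    # The web server already decodes the URL once; decoding again here
    # catches double-encoded input such as %252e%252e that substring
    # filters miss.
    decoded = requested
    for _ in range(2):
        decoded = unquote(decoded)

    # A NUL byte can truncate the path in C-based file APIs; never accept it.
    if "\x00" in decoded:
        raise UnsafePath(f"NUL byte in path: {requested!r}")

    # An absolute path would bypass the base directory entirely.
    if os.path.isabs(decoded):
        raise UnsafePath(f"absolute path not allowed: {requested!r}")

    candidate = os.path.realpath(os.path.join(base, decoded))

    # commonpath() equals `base` only when `candidate` is `base` or below it.
    # A plain startswith() test would wrongly accept /var/www-secret for the
    # base /var/www, which is why commonpath() is used instead.
    if os.path.commonpath([base, candidate]) != base:
        raise UnsafePath(f"path escapes base directory: {requested!r}")

    return candidate


def demo() -> dict:
    """Build a throwaway web root with one page and run constructed inputs
    (benign requests and traversal attempts) through safe_resolve()."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "pages"))
    with open(os.path.join(root, "pages", "menu.html"), "w") as fh:
        fh.write("<h1>menu</h1>")

    samples = [
        "pages/menu.html",                    # ordinary request
        "pages/../pages/menu.html",           # '..' that stays inside the root
        "../../etc/passwd",                   # plain traversal
        "..%2f..%2fetc%2fpasswd",             # URL-encoded slashes
        "%252e%252e/%252e%252e/etc/passwd",   # double-encoded dots
        "/etc/passwd",                        # absolute path
        "pages/..%00/menu.html",              # NUL-byte truncation attempt
    ]
    results = {}
    for sample in samples:
        try:
            safe_resolve(root, sample)
            results[sample] = "ok"
        except UnsafePath:
            results[sample] = "rejected"
    return results


if __name__ == "__main__":
    for req, verdict in demo().items():
        print(f"{verdict:8} {req}")
```

In PHP the equivalent is to call realpath() on the joined path and compare its prefix against realpath() of the web root, remembering that PHP's realpath() returns false for files that do not exist, which should also be treated as a rejection.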
Web Server Restrictions
Configure web server to restrict access to sensitive directories
For Apache: Deny access to sensitive directories with 'Deny from all' (Apache 2.2) or 'Require all denied' (Apache 2.4) in a .htaccess file or a <Directory> block. Note that 'AllowOverride None' is only valid in the main server configuration or a <Directory> block, not inside .htaccess, and it disables .htaccess processing for that directory, so set it in the server configuration rather than in .htaccess.
For Nginx: Use 'location' blocks to restrict directory access
🧯 If You Can't Patch
- Implement web application firewall (WAF) rules to block directory traversal patterns
- Restrict file system permissions to minimum required for web server operation
🔍 How to Verify
Check if Vulnerable:
Test by attempting to access sensitive files via index.php with traversal sequences like '../../etc/passwd'
Check Version:
Check software version in admin panel or configuration files
Verify Fix Applied:
Verify that traversal attempts return error messages or are blocked, and cannot access files outside web root
📡 Detection & Monitoring
Log Indicators:
- Multiple failed attempts to access files with '..' sequences in URL parameters
- Access to sensitive system files from web server process
Network Indicators:
- HTTP requests containing '../' or similar traversal patterns in URL parameters
SIEM Query:
source="web_server_logs" AND (url="*../*" OR url="*..%2f*")
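The log and network indicators above, turned into a small detector as an added example (not part of the original advisory or of any referenced project). It parses combined-format web server log lines, percent-decodes the request target twice so that '../', '..%2f', '%2e%2e' and double-encoded '%252e%252e' all collapse to a literal '..' segment, and then flags the line; sources that repeat the pattern are listed separately. The log lines in `SAMPLE_LOG` are constructed for the example (TEST-NET addresses, not real traffic), and the function names are the example's own.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Apache/Nginx "combined" access-log line: client IP, timestamp, request
# line and status code. Only the fields the detection needs are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# A '..' path segment: not glued to a preceding letter or digit (so a file
# named 'menu..old.png' is not flagged) and followed by a separator, '&'
# or the end of the target.
TRAVERSAL_RE = re.compile(r'(?<![A-Za-z0-9])\.\.(?:[/\\]|&|$)')


def decode_target(target: str) -> str:
    """Percent-decode twice so single- and double-encoded traversal
    sequences all collapse to literal '..' segments."""
    decoded = target
    for _ in range(2):
        decoded = unquote(decoded)
    return decoded


def is_traversal(target: str) -> bool:
    """True if the request target contains a '..' segment after decoding."""
    return TRAVERSAL_RE.search(decode_target(target)) is not None


def scan_log(lines):
    """Return one finding per log line whose request target contains a
    traversal segment; lines that are not in combined format are skipped."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        target = m.group("target")
        if is_traversal(target):
            findings.append({
                "ip": m.group("ip"),
                "time": m.group("ts"),
                "status": int(m.group("status")),
                "target": target,
                "decoded": decode_target(target),
            })
    return findings


def suspicious_sources(findings, threshold: int = 2):
    """IPs with at least `threshold` traversal requests, most active first."""
    counts = Counter(f["ip"] for f in findings)
    return [ip for ip, n in counts.most_common() if n >= threshold]


# Constructed sample log for the example (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?page=home HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2023:13:56:01 +0000] "GET /index.php?page=../../etc/passwd HTTP/1.1" 200 1423 "-" "curl/7.88"
203.0.113.9 - - [10/Oct/2023:13:56:03 +0000] "GET /index.php?page=..%2f..%2fconfig.php HTTP/1.1" 404 210 "-" "curl/7.88"
203.0.113.9 - - [10/Oct/2023:13:56:05 +0000] "GET /index.php?page=%252e%252e%252fdb.php HTTP/1.1" 403 199 "-" "curl/7.88"
198.51.100.2 - - [10/Oct/2023:13:57:10 +0000] "GET /images/menu..old.png HTTP/1.1" 200 8800 "-" "Mozilla/5.0"
""".splitlines()


if __name__ == "__main__":
    hits = scan_log(SAMPLE_LOG)
    for h in hits:
        print(f"{h['ip']} {h['status']} {h['target']} -> {h['decoded']}")
    print("repeat sources:", suspicious_sources(hits))
```

The decoded form is kept in each finding because a request that returned 200 for a traversal target (the second sample line) deserves a different response from one that was blocked with 403 or 404; the status code is what separates "attempted" from "likely succeeded" when triaging.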
🔗 References
- https://attackerkb.com/topics/XuEb81tsid/online-catering-reservation-dt-food-catering-by-oretnom23-v1-0-sql-injection---login
- https://github.com/dumpling-soup/Online-Catering-Reservation-DT/blob/main/README.md
- https://github.com/nu11secur1ty/CVE-mitre/blob/main/CVE-2021-38758/README.MD
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38758
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/Online-Catering-Reservation-DT-Food-Catering