CVE-2023-24217

8.8 HIGH

📋 TL;DR

AgileBio Electronic Lab Notebook v4.234 contains a local file inclusion vulnerability that allows attackers to read arbitrary files on the server. This could lead to remote code execution by including malicious files. Organizations using this specific version of the software are affected.

💻 Affected Systems

Products:
  • AgileBio Electronic Lab Notebook
  • LabCollector LIMS with ELN add-on
Versions: v4.234
Operating Systems: All platforms running the vulnerable software
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects the ELN (Electronic Lab Notebook) component of LabCollector LIMS

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full system compromise through remote code execution, data theft, and lateral movement within the network

🟠 Likely Case: Sensitive file disclosure including configuration files, credentials, and lab data

🟢 If Mitigated: Limited impact with proper file permissions and network segmentation

🌐 Internet-Facing: HIGH - Web application accessible from internet with unauthenticated exploit potential
🏢 Internal Only: HIGH - Even internal systems can be exploited by authenticated users or attackers who gain initial access

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code available on Packet Storm Security demonstrating remote code execution

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://labcollector.com/labcollector-lims/add-ons/eln-electronic-lab-notebook/

Restart Required: No

Instructions:

1. Contact vendor for updated version
2. Check vendor website for security updates
3. Consider upgrading to latest version if available

🔧 Temporary Workarounds

Web Application Firewall Rules

Platform: all

Implement WAF rules to block file inclusion patterns and path traversal attempts

File Permission Restrictions

Platform: linux

Restrict web server user permissions to prevent reading sensitive files

chmod 600 sensitive_files     # sensitive_files is a placeholder for the actual paths to protect
chown root:root sensitive_files   # owned by root so the web server account cannot read them

🧯 If You Can't Patch

  • Isolate the system on a segmented network with strict access controls
  • Implement application-level input validation to sanitize file path parameters
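The second workaround, application-level validation of file path parameters, is shown below as an added example. This is not code from AgileBio or LabCollector and says nothing about how the ELN resolves its own parameters; the base directory, template names and the parameter values are constructed. The approach is a fixed allowlist of file names plus a realpath containment check, so traversal (plain, percent-encoded, double-encoded), absolute paths and NUL-byte tricks are all refused before any file is opened:

```python
"""Added example: server-side validation of a user-supplied file parameter.

Not part of the original advisory or the vendor's code. The directory
layout, allowlist and sample parameter values are constructed to
illustrate the workaround "sanitize file path parameters".
"""
import os
import tempfile
from urllib.parse import unquote


class InvalidPathError(ValueError):
    """Raised when a user-supplied file parameter is rejected."""


def resolve_include(base_dir: str, user_value: str, allowlist: frozenset) -> str:
    """Return an absolute path inside base_dir for user_value, or raise.

    Checks, in order:
      1. percent-decode twice so encoded traversal (%2e%2e%2f, %252e) is
         seen as the literal characters it would become on the server
      2. reject NUL bytes, absolute paths and any path separator
      3. require the bare file name to be on the allowlist
      4. realpath-resolve and confirm the result is still under base_dir,
         which also covers symlinks if the allowlist is later relaxed
    """
    decoded = unquote(unquote(user_value))
    if "\x00" in decoded:
        raise InvalidPathError("NUL byte in parameter")
    if os.path.isabs(decoded) or "/" in decoded or "\\" in decoded:
        raise InvalidPathError("path separators not allowed")
    if decoded not in allowlist:
        raise InvalidPathError(f"{decoded!r} is not an allowed file")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, decoded))
    if os.path.commonpath([base, candidate]) != base:
        raise InvalidPathError("resolved path escapes base directory")
    return candidate


def demo() -> dict:
    """Run the resolver over constructed inputs; returns label -> outcome."""
    allowed = frozenset({"header.tpl", "footer.tpl"})  # constructed allowlist
    results = {}
    with tempfile.TemporaryDirectory() as base:
        for name in allowed:
            with open(os.path.join(base, name), "w", encoding="utf-8") as fh:
                fh.write("template\n")
        cases = {  # constructed parameter values, benign and hostile
            "benign": "header.tpl",
            "traversal": "../../etc/passwd",
            "encoded_traversal": "%2e%2e%2f%2e%2e%2fetc%2fpasswd",
            "double_encoded": "%252e%252e%252fetc%252fpasswd",
            "absolute": "/etc/passwd",
            "not_allowlisted": "secret.tpl",
            "nul_byte": "header.tpl%00.png",
        }
        for label, value in cases.items():
            try:
                resolve_include(base, value, allowed)
                results[label] = "allowed"
            except InvalidPathError as exc:
                results[label] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label:18s} {outcome}")
```

The allowlist is what carries the weight here; the realpath check is defence in depth for the day someone replaces the allowlist with a directory listing.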

🔍 How to Verify

Check if Vulnerable:

Check if running AgileBio Electronic Lab Notebook version 4.234 via admin interface or configuration files

Check Version:

Check web interface admin panel or examine application configuration files for version information

Verify Fix Applied:

Verify version has been updated beyond 4.234 or test for file inclusion vulnerability using controlled test payloads

📡 Detection & Monitoring

Log Indicators:

  • Unusual file path requests in web server logs
  • Multiple ../ sequences in URL parameters
  • Requests for sensitive files like /etc/passwd

Network Indicators:

  • HTTP requests with file inclusion patterns in parameters
  • Unusual outbound connections from web server

SIEM Query:

web.url:*../* AND (web.url:*passwd* OR web.url:*config* OR web.url:*php*)
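The SIEM query above matches the literal string `../`, so requests that percent-encode the traversal (`%2e%2e%2f`) or double-encode it are not matched. The following added example, which is not part of the original advisory, applies the same detection logic (a traversal sequence together with one of the tokens passwd, config or php) to access-log lines offline, after decoding the request URL, and reports the traversal depth to help triage. The log lines, client addresses and the `file=` parameter name are constructed and not taken from real traffic or from the affected product:

```python
"""Added example: scan combined-format web server logs for file inclusion
and path traversal attempts.

Not part of the original advisory. Implements the SIEM query's logic
(../ together with passwd, config or php) on percent-decoded URLs so
encoded and double-encoded traversal is also caught. All log lines are
constructed samples.
"""
import re
from urllib.parse import unquote

# Constructed sample lines in Apache/nginx combined log format.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2023:10:01:02 +0000] "GET /eln/index.php?page=home HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2023:10:01:09 +0000] "GET /eln/index.php?file=../../../../etc/passwd HTTP/1.1" 200 1843 "-" "curl/7.88"
203.0.113.7 - - [12/Mar/2023:10:01:15 +0000] "GET /eln/index.php?file=%2e%2e%2f%2e%2e%2fconfig.php HTTP/1.1" 200 912 "-" "curl/7.88"
203.0.113.7 - - [12/Mar/2023:10:01:21 +0000] "GET /eln/index.php?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 403 221 "-" "curl/7.88"
10.0.0.8 - - [12/Mar/2023:10:02:00 +0000] "GET /eln/docs/../index.php HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
SENSITIVE_TOKENS = ("passwd", "config", "php")  # the tokens used by the SIEM query
TRAVERSAL = re.compile(r"\.\./")


def normalize_url(url: str) -> str:
    """Percent-decode up to twice, unify backslashes and lower-case the URL.

    Decoding twice exposes double-encoded traversal; stopping when the
    string no longer changes avoids mangling already-plain URLs.
    """
    decoded = url
    for _ in range(2):
        step = unquote(decoded)
        if step == decoded:
            break
        decoded = step
    return decoded.replace("\\", "/").lower()


def scan_log(text: str) -> list:
    """Return one finding per line whose decoded URL has both a traversal
    sequence and a sensitive token. 'depth' is the count of ../ segments."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = LOG_RE.match(line)
        if not match:
            continue  # unparseable line: skip rather than guess
        url = normalize_url(match["url"])
        depth = len(TRAVERSAL.findall(url))
        tokens = [t for t in SENSITIVE_TOKENS if t in url]
        if depth and tokens:
            findings.append({
                "line": lineno,
                "ip": match["ip"],
                "status": int(match["status"]),
                "depth": depth,
                "tokens": tokens,
                "url": url,
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"line {f['line']}: {f['ip']} depth={f['depth']} "
              f"status={f['status']} tokens={f['tokens']} {f['url']}")
```

When reading the output, a 200 response to a deep traversal is the signal that the file was likely served; a depth-1 hit on an otherwise normal path (the last sample line) is the kind of match the bare query also produces and needs analyst triage rather than an automatic alert.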
