CVE-2023-3701

9.9 CRITICAL

📋 TL;DR

Aqua Drive version 2.4 has a relative path traversal vulnerability that allows authenticated users to access and modify other users' stored resources. Attackers could also access and modify the platform's source and configuration files, compromising the entire system's integrity and availability. This affects all organizations using the vulnerable version of the Aqua Drive cloud disk platform.

💻 Affected Systems

Products:
  • Aqua Drive
Versions: 2.4
Operating Systems: All platforms running Aqua Drive
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access, but even non-privileged users can exploit this vulnerability.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete platform compromise allowing attackers to modify source code, steal all user data, and render the service unavailable.

🟠 Likely Case

Unauthorized access to sensitive user files and potential data theft or modification.

🟢 If Mitigated

Limited impact if proper access controls and monitoring are in place to detect unusual file access patterns.

🌐 Internet-Facing: HIGH - Cloud disk platforms are typically internet-facing, making them accessible to attackers worldwide.
🏢 Internal Only: MEDIUM - Internal attackers with authenticated access could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Path traversal vulnerabilities are typically easy to exploit once discovered, requiring only basic web testing tools.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 2.4

Vendor Advisory: https://www.incibe.es/en/incibe-cert/notices/aviso/relative-path-traversal-aqua-esolutions

Restart Required: Yes

Instructions:

1. Check current Aqua Drive version.
2. Contact vendor for patched version.
3. Backup configuration and data.
4. Apply patch.
5. Restart service.
6. Verify fix.

🔧 Temporary Workarounds

Access Control Enhancement (all)

Implement strict file access controls and user permission validation

Input Validation (all)

Add path traversal filters to all file access functions

🧯 If You Can't Patch

  • Isolate the Aqua Drive instance from other critical systems and implement strict network segmentation
  • Implement enhanced monitoring for unusual file access patterns and enable detailed audit logging

🔍 How to Verify

Check if Vulnerable:

Test authenticated file access with path traversal payloads like '../../etc/passwd' or similar directory traversal attempts

Check Version:

Check Aqua Drive admin panel or configuration files for version information

Verify Fix Applied:

Attempt the same path traversal tests after patching to confirm they are blocked

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed file access attempts with '../' patterns
  • Unauthorized file access from non-admin users
  • Access to configuration or system files

Network Indicators:

  • HTTP requests containing '../' patterns in file parameters
  • Unusual file download patterns from authenticated users

SIEM Query:

source="aqua_drive_logs" AND (message="*../*" OR message="*unauthorized*access*")
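
A literal `*../*` match misses requests where the traversal sequence is URL-encoded or uses backslashes. The following is an added example, not code from the vendor or the advisory: it decodes file parameters before checking for a `..` path segment. The log layout (`user method url status`), the `/api/files` endpoint and the `path` parameter are assumptions made for illustration, and the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines in an assumed "user method url status" layout.
SAMPLE_LOG = """\
alice GET /api/files?path=reports/q1.pdf 200
bob GET /api/files?path=../../conf/settings.ini 200
bob GET /api/files?path=..%2F..%2Fconf%2Fsettings.ini 200
carol GET /api/files?path=%252e%252e%255cother_user%255cnotes.txt 403
dave GET /api/files?path=archive/v1..2/readme.txt 200
"""


def has_traversal(value, max_rounds=3):
    """True if value contains a '..' path segment after decoding.

    Decoding is repeated (bounded) so double-encoded input is caught.
    """
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    # Split on both separators; only a whole '..' segment counts,
    # so a name such as 'v1..2' is not flagged.
    return ".." in re.split(r"[/\\]+", value)


def scan(log_text):
    """Return (user, url, status) for requests with traversal in a parameter."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not fit the assumed layout
        user, _method, url, status = parts
        # parse_qsl already applies one round of percent-decoding.
        params = parse_qsl(urlsplit(url).query, keep_blank_values=True)
        if any(has_traversal(v) for _k, v in params):
            hits.append((user, url, int(status)))
    return hits


if __name__ == "__main__":
    for user, url, status in scan(SAMPLE_LOG):
        # A 2xx status on a flagged request deserves priority review.
        print(f"{user} {status} {url}")
```

Flagged requests that returned a success status from a non-admin account correspond to the "unauthorized file access" indicator above and should be triaged first.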
