CVE-2024-12645
📋 TL;DR
The topm-client from Chunghwa Telecom has an Arbitrary File Read vulnerability due to missing CSRF protection and a Relative Path Traversal flaw in one API. Unauthenticated remote attackers can exploit this through phishing to read arbitrary files on users' systems. This affects users running the vulnerable topm-client software.
💻 Affected Systems
- Chunghwa Telecom topm-client
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could read sensitive system files (passwords, configuration files, private keys) leading to complete system compromise or data exfiltration.
Likely Case
Attackers would read user-specific files (documents, browser data, credentials) through targeted phishing campaigns.
If Mitigated
With proper network segmentation and user awareness training, impact would be limited to isolated systems with minimal sensitive data.
🎯 Exploit Status
Exploitation requires user interaction (phishing) but the technical complexity is low once the user visits a malicious page.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific version
Vendor Advisory: https://www.twcert.org.tw/en/cp-139-8303-3220b-2.html
Restart Required: Yes
Instructions:
1. Check the vendor advisory for the patched version.
2. Download and install the updated topm-client.
3. Restart the application.
4. Verify the fix by testing the vulnerable API endpoints.
🔧 Temporary Workarounds
Disable topm-client local web server
Linux: prevent the vulnerable component from running
killall topm-client
systemctl stop topm-client
Network segmentation
All platforms: isolate systems running topm-client from internet access
🧯 If You Can't Patch
- Implement strict network segmentation to isolate affected systems
- Deploy web application firewall rules to block path traversal patterns
🔍 How to Verify
Check if Vulnerable:
Test if the local web server APIs are accessible without CSRF tokens and if path traversal is possible in file read endpoints.
Check Version:
Run topm-client --version, or check the installed package version.
Verify Fix Applied:
Verify that API endpoints now require proper authentication/CSRF tokens and path traversal attempts are blocked.
📡 Detection & Monitoring
Log Indicators:
- Unusual file access patterns from topm-client process
- Multiple failed path traversal attempts
Network Indicators:
- HTTP requests to local topm-client APIs from external sources
- Patterns of ../ in URL parameters
SIEM Query:
process:topm-client AND (event:file_read OR url:*../*)
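The indicators above match the literal string ../ in URLs, and the SIEM query url:*../* does the same, so percent-encoded (%2e%2e%2f) and double-encoded (%252e%252e%252f) traversal sequences slip through. The script below is an added example, not code from this page or from Chunghwa Telecom. It decodes each URL path and query value repeatedly before looking for a .. segment, and it flags requests to the local API that do not come from a loopback address, on the assumption that the topm-client web server is only meant to serve the local machine. The log format (client IP, method, URL), the /api/readfile endpoint and every sample line are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample access-log lines: "<client-ip> <method> <url>".
# The /api/readfile endpoint is hypothetical; it is not taken from the advisory.
SAMPLE_LOG = """\
127.0.0.1 GET /api/status
127.0.0.1 GET /api/readfile?path=../../../../etc/passwd
127.0.0.1 GET /api/readfile?path=..%2F..%2Fetc%2Fshadow
127.0.0.1 GET /api/readfile?path=%252e%252e%252fwindows%252fwin.ini
203.0.113.7 GET /api/status
127.0.0.1 GET /api/readfile?path=reports/2024.pdf
"""

# A ".." that is a whole path segment (start or "/" before it, "/" or end after it).
# "foo..bar" does not match, which keeps ordinary file names from raising alerts.
TRAVERSAL_RE = re.compile(r"(^|/)\.\.(/|$)")


def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded sequences (%252e) are caught.
    Stops as soon as another decoding round changes nothing."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_traversal(url: str) -> bool:
    """True if the URL path or any query parameter value contains a '..' segment
    after decoding. Backslashes are normalised to '/' so '..\\' is caught too."""
    parts = urlsplit(url)
    # parse_qsl already performs one round of decoding on the values.
    candidates = [parts.path] + [v for _, v in parse_qsl(parts.query, keep_blank_values=True)]
    for candidate in candidates:
        normalised = fully_decode(candidate).replace("\\", "/")
        if TRAVERSAL_RE.search(normalised):
            return True
    return False


def from_non_loopback(src: str) -> bool:
    """True if the source address is not a loopback address (or cannot be parsed)."""
    try:
        return not ipaddress.ip_address(src).is_loopback
    except ValueError:
        return True  # unparsable source field: do not treat it as trusted


def scan_log(text: str) -> list[tuple[int, str, list[str]]]:
    """Return (line number, url, reasons) for every line worth an alert."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        try:
            src, _method, url = line.split(maxsplit=2)
        except ValueError:
            continue  # malformed line, skip it
        reasons = []
        if has_traversal(url):
            reasons.append("path traversal pattern present after decoding")
        if from_non_loopback(src):
            reasons.append("request to local API from a non-loopback source")
        if reasons:
            findings.append((lineno, url, reasons))
    return findings


if __name__ == "__main__":
    for lineno, url, reasons in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: {url}\n    " + "; ".join(reasons))
```

Run against the constructed sample it reports lines 2 to 4 for traversal (plain, encoded and double-encoded) and line 5 for the external source; the benign reports/2024.pdf request on line 6 produces no alert. The same decode-then-match step is what a SIEM rule needs in place of a bare *../* wildcard.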