CVE-2024-12793

4.3 MEDIUM

📋 TL;DR

CVE-2024-12793 is a path traversal vulnerability in PbootCMS that allows attackers to access files outside the intended directory by manipulating the 'tag' parameter. It affects PbootCMS versions up to 5.2.3, potentially exposing sensitive files on web servers. The vulnerability can be exploited remotely without authentication.

💻 Affected Systems

Products:
  • PbootCMS
Versions: up to 5.2.3
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the IndexController.php file in the apps/home/controller directory. All installations using vulnerable versions are affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could read sensitive server files like configuration files, source code, or system files, potentially leading to credential theft, system compromise, or further exploitation.

🟠 Likely Case

Unauthorized file disclosure from the web server directory, potentially exposing application configuration, source code, or other sensitive files.

🟢 If Mitigated

Limited impact with proper file permissions and web server configuration restricting access to sensitive directories.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available in the GitHub gist reference. The vulnerability requires minimal technical skill to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.2.4

Vendor Advisory: Not specified in provided references

Restart Required: No

Instructions:

1. Backup your current PbootCMS installation and database
2. Download PbootCMS version 5.2.4 or later from official sources
3. Replace the affected file apps/home/controller/IndexController.php with the patched version
4. Verify the fix by testing the vulnerable functionality

🔧 Temporary Workarounds

Input Validation Filter (platform: all)

Add input validation to sanitize the 'tag' parameter before processing

Modify apps/home/controller/IndexController.php to validate and sanitize user input for the 'tag' parameter

Web Server Restrictions (platform: linux)

Configure the web server to restrict directory traversal attempts

For Apache: Set 'AllowOverride None' in directory configurations
For Nginx: Add 'location ~ /\. { deny all; }' to block dot files

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block path traversal patterns
  • Restrict file system permissions to limit what the web server user can access

🔍 How to Verify

Check if Vulnerable:

Check if your PbootCMS version is 5.2.3 or earlier by examining the version file or admin panel

Check Version:

Check the version in the admin panel or look for version information in the source code

Verify Fix Applied:

Test the vulnerable endpoint with path traversal payloads to confirm they are blocked

📡 Detection & Monitoring

Log Indicators:

  • Unusual requests to IndexController.php with ../ patterns in parameters
  • Multiple failed attempts to access files outside web root

Network Indicators:

  • HTTP requests containing '../' or similar traversal patterns in URL parameters

SIEM Query:

web.url:*../* AND (web.url:*tag=* OR web.url:*IndexController*)
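The query above matches a literal `../`, so if the indexed field holds the raw request URL, percent-encoded forms of the same sequence will not match. The following added example (not part of the original advisory or of PbootCMS) decodes the 'tag' parameter before checking it; the combined access-log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request target inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A ".." path segment bounded by "/" or "\" (or the ends of the value).
TRAVERSAL_RE = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")
MAX_DECODE_ROUNDS = 3  # assumption: enough for double/triple percent-encoding

# Constructed sample lines (documentation IPs, placeholder file names).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jan/2025:10:00:01 +0000] "GET /?tag=news HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/Jan/2025:10:00:07 +0000] "GET /?tag=../../placeholder HTTP/1.1" 200 312',
    '203.0.113.9 - - [10/Jan/2025:10:00:09 +0000] "GET /?tag=..%2f..%2fplaceholder HTTP/1.1" 200 312',
    '203.0.113.9 - - [10/Jan/2025:10:00:12 +0000] "GET /?tag=%252e%252e%252fplaceholder HTTP/1.1" 200 312',
    '198.51.100.2 - - [10/Jan/2025:10:01:00 +0000] "GET /?tag=v1..v2 HTTP/1.1" 200 5120',
]

def fully_decode(value):
    """Percent-decode until stable so nested encodings of ../ are exposed."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_tag(log_line):
    """Return the decoded 'tag' value if it holds a traversal segment, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    query = urlsplit(match.group(1)).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        decoded = fully_decode(value)  # parse_qsl has already decoded once
        if name.lower() == "tag" and TRAVERSAL_RE.search(decoded):
            return decoded
    return None

def scan(lines):
    """Return (line_number, decoded_tag) for every flagged log line."""
    hits = ((n, suspicious_tag(line)) for n, line in enumerate(lines, 1))
    return [(n, tag) for n, tag in hits if tag is not None]

if __name__ == "__main__":
    for n, tag in scan(SAMPLE_LOG):
        print(f"line {n}: tag={tag!r}")
```

Matching on a whole `..` segment rather than any two dots keeps values such as `v1..v2` from raising alerts.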
