CVE-2024-1603 – CVE-2024-1603 is a path traversal vulnerability... (How to Fix)

Q: What is the severity of CVE-2024-1603?

CVE-2024-1603 has a CVSS score of 7.5 (HIGH). CVE-2024-1603 is a path traversal vulnerability in PaddlePaddle's read_file function that allows attackers to read arbitrary files from the server filesystem. This affects applications using PaddlePaddle 2.6.0 that process user-controlled file paths. The vulnerability enables unauthorized access to sensitive system files.

📋 TL;DR

CVE-2024-1603 is a path traversal vulnerability in PaddlePaddle's read_file function that allows attackers to read arbitrary files from the server filesystem. This affects applications using PaddlePaddle 2.6.0 that process user-controlled file paths. The vulnerability enables unauthorized access to sensitive system files.

💻 Affected Systems

Products:

PaddlePaddle

Versions: 2.6.0

Operating Systems: All platforms running PaddlePaddle

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects applications using paddle.vision.ops.read_file with user-controlled input.

📦 What is this software?

Paddlepaddle by Paddlepaddle

View all CVEs affecting Paddlepaddle →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers can read sensitive files like /etc/passwd, SSH keys, configuration files, and database credentials, potentially leading to complete system compromise.

🟠

Likely Case

Unauthorized reading of application configuration files, source code, or user data stored on the server.

🟢

If Mitigated

Limited to reading files accessible by the application's service account, with no ability to write or execute files.

🌐 Internet-Facing: HIGH - Web applications accepting user file paths are directly exploitable over the internet.

🏢 Internal Only: MEDIUM - Internal applications could be exploited by authenticated users or through other attack vectors.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Simple path traversal payloads can exploit this vulnerability without authentication if user input reaches the vulnerable function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.6.1 or later

Vendor Advisory: https://github.com/PaddlePaddle/Paddle/security/advisories

Restart Required: No

Instructions:

1. Update PaddlePaddle to version 2.6.1 or later using pip: pip install --upgrade paddlepaddle 2. Review and update any custom code using read_file to validate user input.

🔧 Temporary Workarounds

Input Validation

all

Implement strict input validation to prevent path traversal in user-controlled file paths

Function Restriction

all

Replace paddle.vision.ops.read_file with custom functions that validate file paths

🧯 If You Can't Patch

Implement strict input validation and sanitization for all user-controlled file paths
Restrict application permissions using least privilege principles and containerization

🔍 How to Verify

Check if Vulnerable:

Check if using PaddlePaddle 2.6.0 and if application uses paddle.vision.ops.read_file with user input

Check Version:

python -c "import paddle; print(paddle.__version__)"

Verify Fix Applied:

Verify PaddlePaddle version is 2.6.1 or later and test file path validation

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns
Failed file read attempts with traversal patterns

Network Indicators:

HTTP requests containing path traversal sequences in file parameters

SIEM Query:

source="web_logs" AND (uri="*../*" OR params="*../*") AND status=200

📊 Metadata

CVE ID: CVE-2024-1603

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-73

Published: March 23, 2024

Last Updated: January 24, 2025

🔗 References

https://huntr.com/bounties/7739eced-73a3-4a96-afcd-9c753c55929e Exploit,Issue Tracking,Third Party Advisory
https://huntr.com/bounties/7739eced-73a3-4a96-afcd-9c753c55929e Exploit,Issue Tracking,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-1603, you might also want to check these: