CVE-2024-32982

8.2 HIGH

📋 TL;DR

This CVE describes a Local File Inclusion (LFI) vulnerability in the Litestar (formerly Starlite) ASGI framework. The static file serving component does not confine requested paths to the configured directory, so a request carrying path traversal segments can read files outside it. The direct result is disclosure of configuration, credentials or source code, which an attacker can chain into a deeper compromise. Every deployment on an affected version that serves static files through the framework is exposed; applications that register no static file handler are not.

💻 Affected Systems

Products:
  • Litestar
  • Starlite
Versions: 2.8.x before 2.8.3, 2.7.x before 2.7.2, 2.6.x before 2.6.4, and all earlier releases
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes, for any configured static file handler
Notes: Only deployments that register a static file handler (StaticFilesConfig or create_static_files_router in Litestar 2.x) are affected. The flaw is in the static content serving code at litestar/static_files/base.py.
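The bug class behind this advisory is a static handler that joins the request path onto the configured directory and never checks that the result is still inside it. The following is an added illustration, not Litestar's code and not a reproduction of litestar/static_files/base.py: the unsafe function shows the pattern, the hardened one shows the checks a fixed handler has to make (decode, fold separators, reject NUL, resolve symlinks, confine). The directory /srv/static and the request paths are constructed placeholders.

```python
import os
import posixpath
from typing import Optional
from urllib.parse import unquote


def unsafe_static_path(base_dir: str, request_path: str) -> str:
    """The vulnerable pattern: join the request path onto the static directory
    and normalise, but never check that the result is still inside base_dir.
    '..' segments walk straight out of the directory."""
    return posixpath.normpath(posixpath.join(base_dir, request_path.lstrip("/")))


def safe_static_path(base_dir: str, request_path: str) -> Optional[str]:
    """Resolve request_path under base_dir and confine it there.

    Returns the absolute filesystem path, or None when the request escapes the
    directory, smuggles a NUL byte, or reaches a symlink that points outside.
    Decoding is done defensively here; whether the ASGI server has already
    percent-decoded the path depends on the server in front of the app."""
    decoded = unquote(request_path)            # '..%2f' becomes '../'
    if "\x00" in decoded:                      # NUL truncates paths in C-level file APIs
        return None
    decoded = decoded.replace("\\", "/")       # fold '..\\' into '../'
    relative = posixpath.normpath(decoded.lstrip("/"))  # collapse '.' and 'x/..' segments
    root = os.path.realpath(base_dir)
    # realpath follows symlinks, so a link inside base_dir that points outside
    # ends up outside root and fails the containment check below.
    candidate = os.path.realpath(os.path.join(root, relative))
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:                         # different drives on Windows: not inside
        inside = False
    return candidate if inside else None


if __name__ == "__main__":
    # Constructed requests: a legitimate asset, then traversal in three encodings.
    base = "/srv/static"
    for req in ("/css/../js/app.js", "/../../etc/passwd",
                "/css/..%2f..%2f..%2fetc/passwd", "/img/..%5c..%5c..%5cetc/passwd"):
        print(f"{req:34} unsafe -> {unsafe_static_path(base, req)}")
        print(f"{'':34} safe   -> {safe_static_path(base, req)}")
```

The unsafe variant resolves the second request to /etc/passwd, which is exactly the LFI the advisory describes; the hardened variant returns None for every escape and only yields a path when it sits under the static root.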

⚠️ Manual Verification Required

This CVE has no machine-readable version ranges in our database, so automatic detection cannot decide whether a given install is affected. Use the fixed releases listed in this page and confirm manually.

Why? The database entry carries no structured version ranges from the vendor/NVD feed, even though the vendor advisory names the fixed releases.

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check the vendor advisory (linked below) for your specific version
  3. Test whether a traversal request against one of your static routes is rejected or served
  4. Upgrade to the fixed release for your minor series, or to the latest release

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete server compromise: an attacker reads configuration files, credentials, private keys or source code from outside the static directory, then uses what was learned (database passwords, cloud keys, session signing secrets) to reach remote code execution through other channels.

🟠

Likely Case

Unauthorized access to sensitive files containing configuration data, environment variables, or application secrets leading to information disclosure.

🟢

If Mitigated

Running the application as a low-privileged user and keeping secrets out of paths that user can read limits what an attacker obtains, and network segmentation limits where stolen credentials can be used, but any file the application process can open remains disclosable until the patch is applied.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal is a well-understood bug class: the attacker needs nothing more than a crafted URL against a static route, with no authentication. The advisory describes the flaw in enough detail to reconstruct a working request, so the absence of a published PoC offers little protection.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.8.3, 2.7.2, or 2.6.4

Vendor Advisory: https://github.com/litestar-org/litestar/security/advisories/GHSA-83pv-qr33-2vcf

Restart Required: Yes

Instructions:

1. Identify the installed Litestar/Starlite version (pip show litestar, or pip show starlite for 1.x installs).
2. Upgrade to the fixed release for your minor series: pip install litestar==2.8.3 (or 2.7.2 / 2.6.4 on the older series), or simply to the latest release.
3. Restart the application server; ASGI workers load the package at import time, so the running processes keep the old code until restarted.
4. Verify the fix: confirm the new version, then request a path containing ../ against a static route and confirm it is rejected rather than served.

🔧 Temporary Workarounds

Disable Static File Serving

Applies to: all

Temporarily disable static file serving if it is not required.

Remove or comment out the static file configuration in your Litestar/Starlite application (StaticFilesConfig or create_static_files_router in Litestar 2.x) and serve assets from a reverse proxy or CDN instead.

Implement Web Application Firewall Rules

Applies to: all

Block path traversal patterns at the WAF or reverse proxy level.

Configure the WAF to reject requests containing '../', '..\\' or their percent-encoded forms ('%2e%2e/', '..%2f', '%2e%2e%2f' and the double-encoded '%252e%252e'). Match on the decoded path rather than the raw URI, or a single encoding step bypasses the rule. Treat this as a stopgap; only the patch fixes the handler.

🧯 If You Can't Patch

  • Run the application as a dedicated low-privileged user and keep secrets (.env files, private keys, cloud credentials) out of every path that user can read
  • Serve static files from a dedicated directory that holds nothing but public assets, so the traversal has nothing sensitive nearby to reach
  • Deploy network segmentation to isolate vulnerable systems from critical assets

🔍 How to Verify

Check if Vulnerable:

Check if your Litestar/Starlite version is below the fix for its series (2.8.x below 2.8.3, 2.7.x below 2.7.2, 2.6.x below 2.6.4, or any older release) and the application registers a static file handler

Check Version:

pip show litestar | grep Version
pip show starlite | grep Version

Verify Fix Applied:

Confirm the version is 2.8.3, 2.7.2 or 2.6.4 (or a later release in that series, or 2.9 and up), then request a path containing ../ or ..%2f against a static route and confirm the response is a 4xx error rather than the contents of a file outside the static directory
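When the check above has to run across many hosts, the three parallel fixed releases are easy to compare wrongly by hand. This added helper (not part of Litestar or Starlite) encodes the version ranges stated on this page, reads the installed version with importlib.metadata, and treats a pre-release of a fixed version (for example 2.8.3rc1) as still vulnerable. The starlite package name is included because the page lists Starlite as affected.

```python
import re
from importlib.metadata import PackageNotFoundError, version as dist_version
from typing import Optional, Tuple

# Fixed releases named on this page, keyed by minor series. The trailing 1 marks
# a final release; pre-releases get 0 so they sort below the fix for their version.
FIXED = {
    (2, 6): (2, 6, 4, 1),
    (2, 7): (2, 7, 2, 1),
    (2, 8): (2, 8, 3, 1),
}

_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?(?P<rest>.*)$")
_PRERELEASE_RE = re.compile(r"^\.?(a|b|c|rc|alpha|beta|pre|dev)", re.IGNORECASE)


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """'2.8.3' -> (2, 8, 3, 1); '2.8.3rc1' -> (2, 8, 3, 0). Post-releases count as final."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    final = 0 if _PRERELEASE_RE.match(m["rest"]) else 1
    return (int(m[1]), int(m[2]), int(m[3] or 0), final)


def is_vulnerable(text: str) -> bool:
    """True when the version predates the fix for its minor series."""
    v = parse_version(text)
    fix = FIXED.get(v[:2])
    if fix is not None:
        return v < fix                   # same series: compare against its fixed release
    return v < min(FIXED.values())       # 2.5 and older never got a fix; 2.9+ postdate it


def installed_version(package: str = "litestar") -> Optional[str]:
    """Installed distribution version, or None when the package is absent."""
    try:
        return dist_version(package)
    except PackageNotFoundError:
        return None


def assess(package: str = "litestar") -> str:
    v = installed_version(package)
    if v is None:
        return f"{package}: not installed"
    return f"{package} {v}: {'VULNERABLE' if is_vulnerable(v) else 'fixed'}"


if __name__ == "__main__":
    for pkg in ("litestar", "starlite"):
        print(assess(pkg))
```

Run it inside the application's virtual environment, since that is where the version that actually serves traffic is installed.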

📡 Detection & Monitoring

Log Indicators:

  • Requests to static routes whose path contains '../' or an encoded variant, especially ones answered with HTTP 200 and a non-empty body: on an unpatched version those are successful reads, not failed attempts
  • Static route responses returning files outside the expected asset directories (for example a body size matching a known configuration file rather than an asset)
  • HTTP 400/403/404 responses to traversal requests: blocked attempts, which still identify a source worth watching

Network Indicators:

  • HTTP requests containing '../' or similar traversal patterns
  • Requests for sensitive file extensions (.env, .config, .pem, etc.)

SIEM Query:

source="web_logs" AND (uri="*../*" OR uri="*..\\*" OR uri="*%2e%2e%2f*" OR uri="*%2e%2e/*" OR uri="*..%2f*" OR uri="*%252e%252e*")

Wildcard matching is case-sensitive in some SIEMs, so add the uppercase forms (%2E, %2F) or use a case-insensitive match. Add status=200 to the query to separate successful reads from blocked attempts.
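Both the WAF pattern list above and the SIEM query match raw URIs, and every extra encoding layer needs another pattern. The following is an added example (not from the framework vendor or any SIEM product) of the alternative: percent-decode each URI until it stops changing, fold backslashes, then match a whole '..' segment. It runs over constructed combined-format log lines; the clients, timestamps and sizes are made up.

```python
import re
from typing import List, Tuple
from urllib.parse import unquote

# Constructed access-log lines in combined log format; hosts, times and sizes are made up.
SAMPLE_LOG = """\
10.0.0.5 - - [01/May/2024:10:00:01 +0000] "GET /static/css/app.css HTTP/1.1" 200 1834
10.0.0.9 - - [01/May/2024:10:00:02 +0000] "GET /static/../../../etc/passwd HTTP/1.1" 200 2150
10.0.0.9 - - [01/May/2024:10:00:03 +0000] "GET /static/..%2f..%2f.env HTTP/1.1" 200 412
10.0.0.9 - - [01/May/2024:10:00:04 +0000] "GET /static/%2e%2e/%2e%2e/app/config.py HTTP/1.1" 404 0
10.0.0.9 - - [01/May/2024:10:00:05 +0000] "GET /static/%252e%252e/%252e%252e/etc/shadow HTTP/1.1" 403 0
10.0.0.7 - - [01/May/2024:10:00:06 +0000] "GET /static/img/..%5c..%5cwin.ini HTTP/1.1" 200 92
10.0.0.5 - - [01/May/2024:10:00:07 +0000] "GET /static/js/app..min.js HTTP/1.1" 200 9001
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) \S+" (?P<status>\d{3}) (?P<size>\d+|-)'
)

# A '..' that is a whole path segment: bounded by '/' (or the string edge) on both sides.
# 'app..min.js' therefore does not match, which keeps the rule precise rather than a bare '..' grep.
TRAVERSAL_SEGMENT = re.compile(r"(^|/)\.\.(/|$)")


def normalise_uri(uri: str, rounds: int = 3) -> str:
    """Strip the query string, percent-decode until the value stops changing
    (bounded by `rounds`, which catches %252e double encoding), then fold
    backslashes into forward slashes so '..\\' is seen as '../'."""
    path = uri.split("?", 1)[0]
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def is_traversal(uri: str) -> bool:
    return TRAVERSAL_SEGMENT.search(normalise_uri(uri)) is not None


def hunt(log_text: str) -> List[Tuple[str, str, int]]:
    """Return (client, raw_uri, status) for every traversal request in the log.
    Against an unpatched static handler a 200 with a body is a successful read;
    4xx entries are blocked attempts that still identify the source."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and is_traversal(m["uri"]):
            hits.append((m["ip"], m["uri"], int(m["status"])))
    return hits


def successful_reads(log_text: str) -> List[Tuple[str, str, int]]:
    return [hit for hit in hunt(log_text) if hit[2] == 200]


if __name__ == "__main__":
    for client, uri, status in hunt(SAMPLE_LOG):
        print(f"{'READ' if status == 200 else 'blocked':8} {status} {client} {uri}")
```

On the sample, five requests are traversal attempts and three of them returned 200, including the backslash and double-encoded forms that a raw-string rule for '../' would miss; the legitimate app..min.js asset is not flagged.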

🔗 References

  • https://github.com/litestar-org/litestar/security/advisories/GHSA-83pv-qr33-2vcf
  • https://nvd.nist.gov/vuln/detail/CVE-2024-32982