CVE-2024-33369

8.8 HIGH

📋 TL;DR

A directory traversal vulnerability in Plasmoapp RPShare Fabric mod v1.0.0 allows remote attackers to read arbitrary files on the server by manipulating file paths in download requests. Every server running the vulnerable version of this Minecraft mod is affected.

💻 Affected Systems

Products:
  • Plasmoapp RPShare Fabric mod
Versions: v1.0.0
Operating Systems: Any OS that runs a Minecraft server with the Fabric mod loader
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects servers running the RPShare mod, not vanilla Minecraft or other mods.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete server compromise, data theft, and lateral movement within the network.

🟠

Likely Case

Arbitrary file read allowing attackers to access sensitive configuration files, credentials, and other server data.

🟢

If Mitigated

Limited impact with proper network segmentation and file system permissions restricting access to critical files.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable without authentication on exposed servers.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this if they have network access to the server.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof-of-concept demonstrates path traversal through the mod's getFileNameFromConnection method.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: Yes

Instructions:

1. Remove RPShare mod v1.0.0 from your server's mods directory.
2. Check the official repository for an updated version.
3. Restart the Minecraft server.

🔧 Temporary Workarounds

Remove vulnerable mod

all

Delete the RPShare jar from the server's mods directory and restart the server; the file name below is the page's example and may differ on your install.

rm /path/to/minecraft/mods/RPShare-1.0.0.jar

Network isolation

linux

Restrict network access to the Minecraft server port with firewall rules. Rules are evaluated in order, so make sure no earlier rule already accepts port 25565; repeat the rules for any separate download port the mod listens on and for IPv6 (ip6tables), and persist them so they survive a reboot.

iptables -A INPUT -p tcp --dport 25565 -s trusted_ip -j ACCEPT
iptables -A INPUT -p tcp --dport 25565 -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Minecraft server from sensitive systems
  • Apply file system permissions to restrict access to sensitive directories and files

🔍 How to Verify

Check if Vulnerable:

Check if RPShare-1.0.0.jar exists in your mods directory

Check Version:

ls /path/to/minecraft/mods/ | grep -i rpshare

Verify Fix Applied:

Confirm RPShare-1.0.0.jar is removed from mods directory and server restarted
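A file-name grep misses a renamed jar and tells you nothing about a jar whose name lacks a version. The check below is an added example, not part of this advisory or of the mod itself: it opens every jar in the mods directory and reads the version from its fabric.mod.json (the metadata file every Fabric mod ships at the jar root). It assumes the mod's Fabric id contains "rpshare" (the real id is not stated on the page), and builds a constructed sample mods directory with fake jars so it runs stand-alone.

```python
import json
import os
import tempfile
import zipfile

# Version the page lists as vulnerable; extend if the vendor names more.
VULNERABLE_VERSIONS = {"1.0.0"}
# Assumption: the mod's Fabric id contains "rpshare" (the real id is not stated on the page).
MOD_ID_HINT = "rpshare"


def read_fabric_mod_json(jar_path):
    """Return the parsed fabric.mod.json from a Fabric mod jar, or None if absent or unreadable."""
    try:
        with zipfile.ZipFile(jar_path) as jar:
            with jar.open("fabric.mod.json") as meta:
                data = json.load(meta)
    except (zipfile.BadZipFile, KeyError, ValueError, OSError):
        return None
    return data if isinstance(data, dict) else None


def classify_version(version):
    """Map a Fabric version string to a status; '1.0.0+mc1.20' style build metadata is ignored."""
    return "vulnerable" if version.split("+")[0] in VULNERABLE_VERSIONS else "not vulnerable"


def scan_mods_dir(mods_dir):
    """Return (jar name, version, status) for every RPShare jar found in mods_dir.

    Status is 'vulnerable', 'not vulnerable', or 'unknown' (jar named like RPShare
    but without readable metadata, so it needs manual review).
    """
    findings = []
    for name in sorted(os.listdir(mods_dir)):
        if not name.lower().endswith(".jar"):
            continue
        meta = read_fabric_mod_json(os.path.join(mods_dir, name))
        if meta is None:
            if MOD_ID_HINT in name.lower():
                findings.append((name, None, "unknown"))
            continue
        mod_id = str(meta.get("id", "")).lower()
        if MOD_ID_HINT not in mod_id and MOD_ID_HINT not in name.lower():
            continue
        version = str(meta.get("version", ""))
        findings.append((name, version, classify_version(version)))
    return findings


def build_sample_mods_dir():
    """Constructed sample mods/ directory with fake jars (not real mod binaries) for a stand-alone run."""
    mods_dir = tempfile.mkdtemp(prefix="mods-")

    def write_jar(filename, meta):
        with zipfile.ZipFile(os.path.join(mods_dir, filename), "w") as jar:
            if meta is not None:
                jar.writestr("fabric.mod.json", json.dumps(meta))
            jar.writestr("placeholder.class", b"")

    write_jar("RPShare-1.0.0.jar", {"schemaVersion": 1, "id": "rpshare", "version": "1.0.0"})
    # Renamed copy of the same mod: a file-name check alone would miss it.
    write_jar("resourcepacks.jar", {"schemaVersion": 1, "id": "rpshare", "version": "1.0.0"})
    write_jar("fabric-api-0.92.0.jar", {"schemaVersion": 1, "id": "fabric-api", "version": "0.92.0"})
    # Jar with no metadata: only the file name hints at RPShare, so it is reported for review.
    write_jar("unknown-rpshare-build.jar", None)
    return mods_dir


if __name__ == "__main__":
    for name, version, status in scan_mods_dir(build_sample_mods_dir()):
        print(f"{name}: version={version} status={status}")
```

Point scan_mods_dir at the real mods directory to audit a server; a jar reported as "unknown" has no readable fabric.mod.json and should be treated as vulnerable until proven otherwise.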

📡 Detection & Monitoring

Log Indicators:

  • Unusual file path patterns in download requests
  • Access to files outside expected directories

Network Indicators:

  • HTTP requests whose file paths contain ../ sequences, including URL-encoded forms (%2e%2e/, %2e%2e%2f, double-encoded %252e%252e) and backslash variants (..\)
  • Unusual download patterns from Minecraft server

SIEM Query:

source="minecraft.log" AND "../" AND "download"

This query matches only a literal ../; extend it to the encoded and backslash forms listed above, or encoded traversal attempts will not be flagged.
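The indicators above, as an added example that is not part of this advisory or the mod's code: a scanner run over constructed log lines that decodes each requested path (including double-encoding), normalises it against the download root, and flags only requests that actually resolve outside that root. It goes beyond the page's literal ../ indicator by also catching percent-encoded, backslash and absolute-path variants. The log line format and the DOWNLOAD_ROOT directory are assumptions; adapt PATH_RE to what your server actually logs.

```python
import posixpath
import re
from urllib.parse import unquote

# Assumption: the directory RPShare serves downloads from. Adjust to your install.
DOWNLOAD_ROOT = "/srv/minecraft/rpshare"

# Constructed sample log lines. The line format is an assumption: RPShare's real log
# format is not shown on the page, so adapt PATH_RE to what your server actually logs.
SAMPLE_LOG = """\
[10:00:01] [Server thread/INFO]: [RPShare] download request from 203.0.113.5 path=packs/server-pack.zip
[10:00:02] [Server thread/INFO]: [RPShare] download request from 198.51.100.9 path=../../server.properties
[10:00:03] [Server thread/INFO]: [RPShare] download request from 198.51.100.9 path=packs/%2e%2e/%2e%2e/whitelist.json
[10:00:04] [Server thread/INFO]: [RPShare] download request from 198.51.100.9 path=packs/%252e%252e/%252e%252e/ops.json
[10:00:05] [Server thread/INFO]: [RPShare] download request from 203.0.113.7 path=packs/a/../other-pack.zip
[10:00:06] [Server thread/INFO]: [RPShare] download request from 198.51.100.9 path=/etc/passwd
[10:00:07] [Server thread/INFO]: Steve joined the game
"""

PATH_RE = re.compile(r"download request from (?P<src>\S+) path=(?P<path>\S+)")


def decode_fully(value, rounds=3):
    """Percent-decode until stable (bounded), so %252e%252e (double-encoded ..) is caught too."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def resolve_request(requested, root=DOWNLOAD_ROOT):
    """Return (escapes_root, resolved_path) for a requested download path.

    Mirrors what a naive File(root, name) join would do, then normalises '..' and checks
    the result is still under root. Backslashes are treated as separators, and an absolute
    request path escapes outright because posixpath.join discards root in that case.
    """
    cleaned = decode_fully(requested).replace("\\", "/")
    resolved = posixpath.normpath(posixpath.join(root, cleaned))
    inside = resolved == root or resolved.startswith(root.rstrip("/") + "/")
    return (not inside), resolved


def scan_log(text, root=DOWNLOAD_ROOT):
    """Return (source, requested path, resolved path) for every download request that leaves root."""
    hits = []
    for line in text.splitlines():
        match = PATH_RE.search(line)
        if not match:
            continue
        escapes, resolved = resolve_request(match["path"], root)
        if escapes:
            hits.append((match["src"], match["path"], resolved))
    return hits


def naive_match_count(text):
    """What the page's SIEM query ('download' AND '../') would flag: lines with a literal ../ only."""
    return sum(1 for line in text.splitlines() if "download" in line and "../" in line)


if __name__ == "__main__":
    for src, requested, resolved in scan_log(SAMPLE_LOG):
        print(f"{src} requested {requested!r} -> {resolved}")
    print("naive '../' string match flags", naive_match_count(SAMPLE_LOG), "lines")
```

On the sample, the literal ../ match fires on two lines, one of which (packs/a/../other-pack.zip) never leaves the download root, and misses the two encoded requests and the absolute /etc/passwd request; resolving the path first flags exactly the four requests that escape. The same resolve-then-check step is what the mod's file handling should do before opening or writing any name taken from a request.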

🔗 References
