CVE-2024-55457
📋 TL;DR
MasterSAM Star Gate 11 has a directory traversal vulnerability in the /adama/adama/downloadService endpoint. Attackers can manipulate the file parameter to read arbitrary files on the server, potentially exposing sensitive configuration files, credentials, or other data. Organizations using MasterSAM Star Gate 11 are affected.
💻 Affected Systems
- MasterSAM Star Gate
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete server compromise through reading sensitive files like configuration files containing credentials, SSH keys, or database passwords, leading to lateral movement or data exfiltration.
Likely Case
Exposure of sensitive server files including configuration files, logs, or application data that could enable further attacks or information disclosure.
If Mitigated
Limited impact if proper network segmentation, file system permissions, and input validation are in place, restricting access to critical files.
🎯 Exploit Status
The exploit requires simple HTTP requests with manipulated file parameters, making it easy to weaponize.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: Unknown
Restart Required: No
Instructions:
Check with MasterSAM vendor for security updates or patches. If unavailable, apply workarounds immediately.
🔧 Temporary Workarounds
Web Application Firewall (WAF) Rule
Block directory traversal patterns in requests to /adama/adama/downloadService
Input Validation Filter
Implement server-side validation to reject file parameters containing path traversal sequences such as ../ (and their URL-encoded forms), and resolve the requested path against the intended download directory before serving it
🧯 If You Can't Patch
- Restrict network access to the MasterSAM Star Gate service using firewalls to limit exposure to trusted networks only.
- Implement strict file system permissions to limit the files accessible to the application process, reducing the impact of successful exploitation.
🔍 How to Verify
Check if Vulnerable:
Send an HTTP GET request to /adama/adama/downloadService with a file parameter containing traversal sequences (e.g., file=../../../etc/passwd) and check whether sensitive file contents are returned.
Check Version:
Check the MasterSAM Star Gate application interface or configuration files for version information, typically in admin panels or about sections.
Verify Fix Applied:
Test the same exploit attempt after applying fixes; it should return an error or no data instead of file contents.
📡 Detection & Monitoring
Log Indicators:
- HTTP requests to /adama/adama/downloadService with file parameters containing ../ or similar traversal patterns
- Unusual file access attempts in application logs
Network Indicators:
- HTTP traffic patterns with repeated requests to the vulnerable endpoint using different file parameters
SIEM Query:
source="web_server_logs" AND url="/adama/adama/downloadService" AND (file="*../*" OR file="*..\\*" OR file="*%2e%2e%2f*")
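The following is an added example (not from this page or from MasterSAM) that does two things from this advisory in one place: `resolve_download` is the server-side path check described under Input Validation Filter, and `flag_traversal_requests` applies the SIEM-style detection above to constructed access-log lines, decoding the `file` parameter so that URL-encoded and backslash variants are caught. The endpoint path comes from the advisory; the download root directory, the log format and the log lines are assumptions.

```python
import re
import posixpath
from urllib.parse import urlsplit, parse_qs, unquote

ENDPOINT = "/adama/adama/downloadService"   # endpoint named in the advisory
DOWNLOAD_ROOT = "/srv/stargate/downloads"   # assumed download root, not from the advisory

# Constructed sample access-log lines (Common Log Format), not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /adama/adama/downloadService?file=report.pdf HTTP/1.1" 200 5120
10.0.0.7 - - [01/Jan/2025:10:00:01 +0000] "GET /adama/adama/downloadService?file=../../../etc/passwd HTTP/1.1" 200 1840
10.0.0.7 - - [01/Jan/2025:10:00:02 +0000] "GET /adama/adama/downloadService?file=%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 403 12
10.0.0.9 - - [01/Jan/2025:10:00:03 +0000] "GET /adama/adama/downloadService?file=..%255c..%255cwindows%255cwin.ini HTTP/1.1" 200 300
10.0.0.9 - - [01/Jan/2025:10:00:04 +0000] "GET /index.html HTTP/1.1" 200 900
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})')


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded sequences (e.g. %255c) are caught."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def resolve_download(file_param, root=DOWNLOAD_ROOT):
    """Server-side check: return the canonical path if it stays inside root, else None."""
    decoded = decode_fully(file_param).replace("\\", "/")
    if "\0" in decoded:
        return None
    # join() drops root for absolute input and normpath() collapses "..", so an escaped path no longer sits under root.
    candidate = posixpath.normpath(posixpath.join(root, decoded))
    if candidate == root or not candidate.startswith(root + "/"):
        return None
    return candidate


def flag_traversal_requests(log_text):
    """Return (ip, status, file_param) for endpoint requests whose file parameter escapes the root."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or unquote(urlsplit(m["target"]).path) != ENDPOINT:
            continue
        # parse_qs decodes one percent-encoding layer; resolve_download handles the rest.
        for file_param in parse_qs(urlsplit(m["target"]).query, keep_blank_values=True).get("file", []):
            if resolve_download(file_param) is None:
                hits.append((m["ip"], int(m["status"]), file_param))
    return hits
```

Requests that were blocked (status 403) are still reported, since an attempt against this endpoint is worth alerting on regardless of outcome.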