CVE-2024-5550

5.3 MEDIUM

📋 TL;DR

This vulnerability in h2oai/h2o-3 version 3.40.0.4 allows remote attackers to view the entire filesystem path structure where the application is hosted. Any remote user can exploit this via the Typeahead API to enumerate directories like /home, /usr, and /bin. This information exposure could facilitate further attacks when combined with other vulnerabilities.

💻 Affected Systems

Products:
  • h2oai/h2o-3
Versions: 3.40.0.4
Operating Systems: All operating systems running h2o-3
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability is present in the default configuration of the affected version.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers map the entire filesystem, identify sensitive files and directories, and combine this with a Local File Inclusion flaw to read arbitrary files, potentially leading to credential theft, configuration exposure, or remote code execution.

🟠 Likely Case

Attackers enumerate directory structures to identify potential targets for further exploitation, gather intelligence about the server environment, and prepare for follow-up attacks.

🟢 If Mitigated

With proper network segmentation and access controls, attackers can only view directory structures without accessing sensitive content, limiting the impact to reconnaissance.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only a single HTTP request to the Typeahead API endpoint with '/' as input.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 3.40.0.4

Vendor Advisory: https://huntr.com/bounties/e76372c2-39be-4984-a7c8-7048a75a25dc

Restart Required: Yes

Instructions:

1. Upgrade h2o-3 to a version newer than 3.40.0.4.
2. Restart the h2o-3 service.
3. Verify the fix by testing the Typeahead API endpoint.

🔧 Temporary Workarounds

Network Access Restriction (platform: linux)

Restrict network access to the h2o-3 service to only trusted IP addresses or internal networks. Rule order matters: the ACCEPT rule for trusted sources must precede the DROP rule, and both are appended with -A, so make sure no earlier rule already accepts all traffic to the port (h2o-3 listens on TCP 54321 by default).

# Allow only trusted sources to reach the h2o-3 port, then drop everything else
iptables -A INPUT -p tcp --dport [h2o-port] -s [trusted-ip] -j ACCEPT
iptables -A INPUT -p tcp --dport [h2o-port] -j DROP

API Endpoint Blocking (platform: all)

Block or disable the Typeahead API endpoint using web server configuration or application firewall rules. Match the Typeahead path segment wherever it appears in the URI rather than only as an exact prefix, so that the rule still applies if your deployment serves the REST API under a version or reverse-proxy prefix.

# Example for nginx (regex location, matches any URI containing /Typeahead):
location ~ /Typeahead {
    deny all;
}

# Example for Apache:
<LocationMatch "/Typeahead">
    Require all denied
</LocationMatch>

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the h2o-3 instance from untrusted networks.
  • Deploy a web application firewall (WAF) with rules to block requests containing path traversal patterns to the Typeahead endpoint.

🔍 How to Verify

Check if Vulnerable:

Send a GET request to the Typeahead API endpoint with '/' as the lookup parameter and check if it returns filesystem directory listings.

Check Version:

Check the h2o-3 version in the application interface or configuration files, or, if you use the Python API, run: python -c "import h2o; print(h2o.__version__)". Note that this prints the version of the installed Python client package; confirm the server's own version as well, which is reported in its web interface (Flow) and in the cluster status after connecting.

Verify Fix Applied:

After patching, repeat the vulnerable request; it should return an error or empty response instead of directory listings.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to Typeahead endpoint with '/' or similar path traversal patterns in parameters
  • Unusual access patterns to the Typeahead API from external IPs

Network Indicators:

  • HTTP GET requests to /Typeahead with query parameters containing '/'
  • Increased traffic to the Typeahead endpoint from scanning tools

SIEM Query:

source="web_logs" AND uri_path="*Typeahead*" AND (query="*lookup=/*" OR query="*lookup=%2F*")

The path is matched as a wildcard so the query still fires if the endpoint is served under an API prefix, and the URL-encoded form of '/' (%2F) is included because clients are not required to send the slash literally.
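The log indicators above, implemented as a small detection script. This is an added example, not part of the advisory and not h2o-3 code. It assumes access logs in Common Log Format, that the endpoint path contains the segment "Typeahead", and that the lookup value travels in a query parameter named `lookup` as this advisory describes (the parameter name is an argument, so it can be changed). The sample log lines are constructed for the example. The script flags lookup values that start with '/' or contain a '../' traversal pattern, including URL-encoded forms, and counts flagged requests per source address to surface the "unusual access pattern" indicator.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jun/2024:12:00:01 +0000] "GET /Typeahead?lookup=/ HTTP/1.1" 200 512
203.0.113.7 - - [10/Jun/2024:12:00:02 +0000] "GET /Typeahead?lookup=/home HTTP/1.1" 200 300
203.0.113.7 - - [10/Jun/2024:12:00:03 +0000] "GET /Typeahead?lookup=%2Fusr HTTP/1.1" 200 280
10.0.0.5 - - [10/Jun/2024:12:00:04 +0000] "GET /Typeahead?lookup=data HTTP/1.1" 200 64
10.0.0.9 - - [10/Jun/2024:12:00:05 +0000] "GET /Frames HTTP/1.1" 200 1024
198.51.100.2 - - [10/Jun/2024:12:00:06 +0000] "GET /Typeahead?lookup=..%2F..%2Fetc HTTP/1.1" 200 128
"""

# Common Log Format: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)


def parse_line(line):
    """Parse one CLF line into a dict with the URI path and decoded query params."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["params"] = parse_qs(parts.query)  # parse_qs percent-decodes values once
    return rec


def is_suspicious_lookup(value):
    """True if a lookup value targets the filesystem root or uses a traversal pattern."""
    v = unquote(value)  # second decode catches double-encoded values such as %252F
    return v.startswith("/") or "../" in v or "..\\" in v


def find_typeahead_probes(log_text, param="lookup"):
    """Return one record per request that hits the Typeahead endpoint with a suspicious lookup."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or "typeahead" not in rec["path"].lower():
            continue
        for value in rec["params"].get(param, []):
            if is_suspicious_lookup(value):
                hits.append({
                    "ip": rec["ip"],
                    "ts": rec["ts"],
                    "path": rec["path"],
                    "lookup": unquote(value),
                    "status": rec["status"],
                })
                break  # one record per request even if the parameter repeats
    return hits


def probes_per_source(hits):
    """Count flagged requests per source IP to highlight scanning behaviour."""
    return Counter(h["ip"] for h in hits)


if __name__ == "__main__":
    found = find_typeahead_probes(SAMPLE_LOG)
    for h in found:
        print(f"{h['ts']} {h['ip']} {h['path']} lookup={h['lookup']!r} status={h['status']}")
    print("per-source counts:", dict(probes_per_source(found)))
```

A 200 response on a flagged request from an unpatched build is the strongest signal; after the fix the same request should produce an error or an empty body, so the status field is carried through for correlation.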
