CVE-2024-8782

6.3 MEDIUM

📋 TL;DR

This path traversal vulnerability in JFinalCMS allows remote attackers to manipulate the 'name' parameter of the delete function in the admin template editor. By supplying directory traversal sequences, an attacker can delete arbitrary files on the server. All JFinalCMS installations up to and including version 1.0 are affected.

💻 Affected Systems

Products:
  • JFinalCMS
Versions: All versions up to and including 1.0
Operating Systems: All operating systems running JFinalCMS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin panel access. The vulnerable code lives in the admin interface, so any user authenticated to it can reach the delete function.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise through deletion of critical system files, leading to denial of service, data loss, or potential privilege escalation if system files are manipulated.

🟠 Likely Case: Website defacement, data deletion, or service disruption through deletion of web application files and templates.

🟢 If Mitigated: Limited impact if proper file permissions and web application firewalls block traversal attempts.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and public exploits exist.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this if they have network access to the CMS.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires authentication to the admin panel. Public proof-of-concept demonstrates file deletion via path traversal.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No official vendor advisory found

Restart Required: No

Instructions:

No official patch is available. Consider migrating to an alternative CMS or applying the workarounds below.

🔧 Temporary Workarounds

Input Validation Filter

Applies to: all

Add input validation to sanitize the 'name' parameter and block directory traversal sequences.

Modify the /admin/template/edit controller to validate and sanitize input parameters.
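The following is an added example of the validation the workaround calls for; it is not JFinalCMS code and does not use the JFinal controller API. It assumes a hypothetical template root directory and treats the 'name' value as a single file name inside it: an allow-list regex rejects separators, dot-dot and leftover percent-encoding, and a second canonicalization check confirms the resolved path is still below the root before any delete or edit is attempted.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

/*
 * Added example, not JFinalCMS code: validate the template 'name' parameter
 * before any file operation. TEMPLATE_ROOT is a hypothetical path; the real
 * JFinalCMS layout is not stated on the page.
 */
public final class TemplateNameGuard {

    private static final Path TEMPLATE_ROOT =
            Paths.get("/var/www/jfinalcms/templates").toAbsolutePath().normalize();

    // Allow-list: one path component, letters/digits/_/- with an optional extension.
    // This rejects '/', '\', '..', NUL and leftover percent-encoding outright.
    private static final Pattern SAFE_NAME =
            Pattern.compile("^[A-Za-z0-9_-]+(\\.[A-Za-z0-9]+)?$");

    private TemplateNameGuard() { }

    /** Returns the canonical path for 'name', or throws if it is not a plain file inside the root. */
    public static Path resolveTemplate(String name) {
        if (name == null || name.isEmpty() || name.length() > 255) {
            throw new IllegalArgumentException("template name missing or too long");
        }
        if (!SAFE_NAME.matcher(name).matches()) {
            throw new IllegalArgumentException("template name contains disallowed characters");
        }
        // Defence in depth: even after the allow-list, confirm the normalized path
        // is strictly below the template root before it is used for delete/edit.
        Path resolved = TEMPLATE_ROOT.resolve(name).normalize();
        if (!resolved.startsWith(TEMPLATE_ROOT) || resolved.equals(TEMPLATE_ROOT)) {
            throw new IllegalArgumentException("template name escapes the template directory");
        }
        return resolved;
    }

    /** Convenience wrapper for callers that only need a yes/no decision. */
    public static boolean isSafeTemplateName(String name) {
        try {
            resolveTemplate(name);
            return true;
        } catch (IllegalArgumentException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one legitimate name and several traversal attempts.
        String[] samples = {
            "index.html", "../../etc/passwd", "..\\..\\boot.ini",
            "sub/page.html", "%2e%2e%2fconfig.xml", "..", ""
        };
        for (String s : samples) {
            System.out.printf("%-24s -> %s%n", "'" + s + "'",
                    isSafeTemplateName(s) ? "allowed" : "rejected");
        }
    }
}
```

Running the class prints "allowed" only for index.html; every other sample is rejected, including the backslash and percent-encoded forms, because the allow-list fires before the path is ever resolved. The canonicalization check is kept as a second layer so that a later relaxation of the regex (for example to permit subdirectories) still cannot reach outside the template root.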

Web Application Firewall Rules

Applies to: all

Configure the WAF to block requests containing path traversal patterns.

Add a WAF rule that blocks requests containing '../', '..\' or similar traversal sequences, including their URL-encoded forms.

🧯 If You Can't Patch

  • Restrict admin panel access to trusted IP addresses only
  • Implement strict file permissions to limit what files the web server user can delete

🔍 How to Verify

Check if Vulnerable:

Check whether the JFinalCMS version is 1.0 or earlier by examining version files or the admin panel.

Check Version:

Check version.txt or similar files in JFinalCMS installation directory

Verify Fix Applied:

In a test copy of the installation, submit traversal sequences such as '../../etc/passwd' to the delete function and confirm they are rejected rather than acted on. Run this only against a non-production copy, since on an unpatched system a successful request deletes the target.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /admin/template/edit with a 'name' parameter containing '../', '..\' or their URL-encoded equivalents
  • File deletion errors, or errors for unexpectedly missing files, in web server and application logs

Network Indicators:

  • POST requests to admin endpoints with traversal payloads

SIEM Query:

web.url:*admin/template/edit* AND (web.param.name:*../* OR web.param.name:*..\*)
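As an added example (not from the page or the JFinalCMS project), the SIEM query above expressed as code that can be run over raw access-log lines. It parses the request line of each entry, keeps only requests to /admin/template/edit, and percent-decodes the 'name' query value up to twice so that both plain and double-encoded traversal sequences are caught. The log lines are constructed samples in common log format.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/*
 * Added example, not JFinalCMS code: scan access-log lines for requests to the
 * template editor whose 'name' query parameter carries a traversal sequence.
 * The log lines in main() are constructed samples.
 */
public final class TraversalLogScanner {

    // Request line inside a common/combined log entry: "METHOD /path?query HTTP/x.y"
    private static final Pattern REQUEST_LINE =
            Pattern.compile("\"(GET|POST) (\\S+) HTTP/[\\d.]+\"");

    // '../' or '..\' after decoding
    private static final Pattern TRAVERSAL = Pattern.compile("\\.\\.[/\\\\]");

    private TraversalLogScanner() { }

    /** Percent-decode up to twice so single- and double-encoded payloads both surface. */
    static String decodeTwice(String value) {
        String out = value;
        for (int i = 0; i < 2; i++) {
            try {
                out = URLDecoder.decode(out, StandardCharsets.UTF_8);
            } catch (IllegalArgumentException malformed) {
                break; // keep a malformed escape as-is rather than dropping the event
            }
        }
        return out;
    }

    /** True when the line hits /admin/template/edit with a traversal value in 'name'. */
    public static boolean isSuspicious(String logLine) {
        Matcher m = REQUEST_LINE.matcher(logLine);
        if (!m.find()) {
            return false;
        }
        String target = m.group(2);
        int q = target.indexOf('?');
        String path = q < 0 ? target : target.substring(0, q);
        if (q < 0 || !path.contains("/admin/template/edit")) {
            return false;
        }
        for (String pair : target.substring(q + 1).split("&")) {
            int eq = pair.indexOf('=');
            String key = eq < 0 ? pair : pair.substring(0, eq);
            String val = eq < 0 ? "" : pair.substring(eq + 1);
            if (key.equals("name") && TRAVERSAL.matcher(decodeTwice(val)).find()) {
                return true;
            }
        }
        return false;
    }

    /** Returns only the suspicious lines, in input order. */
    public static List<String> scan(List<String> lines) {
        List<String> hits = new ArrayList<>();
        for (String line : lines) {
            if (isSuspicious(line)) {
                hits.add(line);
            }
        }
        return hits;
    }

    public static void main(String[] args) {
        // Constructed sample log lines: one benign edit, two traversal attempts
        // (single- and double-encoded), and a traversal against an unrelated path.
        List<String> sample = List.of(
            "10.0.0.5 - admin [12/Oct/2024:10:15:01 +0000] \"GET /admin/template/edit?name=index.html HTTP/1.1\" 200 512",
            "10.0.0.9 - admin [12/Oct/2024:10:16:42 +0000] \"GET /admin/template/edit?name=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\" 200 0",
            "10.0.0.9 - admin [12/Oct/2024:10:17:03 +0000] \"GET /admin/template/edit?name=%252e%252e%2Fconfig.xml HTTP/1.1\" 200 0",
            "10.0.0.5 - - [12/Oct/2024:10:18:11 +0000] \"GET /index.html?name=../x HTTP/1.1\" 200 2048"
        );
        for (String hit : scan(sample)) {
            System.out.println("ALERT " + hit);
        }
    }
}
```

Only the second and third sample lines are reported. One caveat for the network indicator above: a 'name' value sent in a POST body does not appear in a standard access log, so this scanner covers only query-string use; catching body parameters requires application-level request logging or WAF logs.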
