CVE-2024-51483
MEDIUM6.5EPSS 39.1%changedetection.io Path Traversal
Description
### Summary When a WebDriver is used to fetch files source:file:///etc/passwd can be used to retrieve local system files, where the more traditional file:///etc/passwd gets blocked ### Details The root cause is the payload source:file:///etc/passwdpasses the regex [here](https://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/model/Watch.py#L19) and also passes the check [here](https://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/processors/__init__.py#L35) where a traditional file:///etc/passwd would get blocked ### PoC [CL-ChangeDetection.io Path Travsersal-311024-181039.pdf](https://github.com/user-attachments/files/17591630/CL-ChangeDetection.io.Path.Travsersal-311024-181039.pdf) ### Impact It depends on where the webdriver is deployed but generally this is a high impact vulnerability
Affected packages (1)
- PyPI/changedetection-iofrom 0, < 0.47.5
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-51483
- PATCHhttps://github.com/dgtlmoon/changedetection.io
- WEBhttps://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/model/Watch.py#L19
- WEBhttps://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/processors/__init__.py#L35
- WEBhttps://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-cwgg-57xj-g77r
- WEBhttps://github.com/user-attachments/files/17591630/CL-ChangeDetection.io.Path.Travsersal-311024-181039.pdf