Skip to content

Limit pages/exec.php script to PHP files

Critical
Molkobain published GHSA-g652-q7cc-7hfc Apr 15, 2024

Package

iTop (SourceForge)

Affected versions

2.7.9, 3.0.3, 3.1.0

Patched versions

2.7.10, 3.0.4, 3.1.1, 3.2.0

Description

Impact

Files from the env-production folder can be retrieved even though they should have restricted access.
Hopefully, there is no sensitive files stored in that folder natively, but there could be from a third-party module.

Patches

The pages/exec.php script has been fixed to limit execution of PHP files only. Other file types won't be retrieved and exposed.

Workarounds

No workaround, any file within env-production folder can be retrieved. But again, there is no sensitive data in that folder natively.

References

  • Combodo N°6989

Credits

Huge thanks to Ahmad Shauqi from NetbyteSEC SDN BHD for reporting this.

For more information

If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com

Severity

Critical
9.8
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE ID

CVE-2023-48710

Weaknesses

No CWEs