Impact
Files from the env-production
folder can be retrieved even though they should have restricted access.
Hopefully, there is no sensitive files stored in that folder natively, but there could be from a third-party module.
Patches
The pages/exec.php
script has been fixed to limit execution of PHP files only. Other file types won't be retrieved and exposed.
Workarounds
No workaround, any file within env-production
folder can be retrieved. But again, there is no sensitive data in that folder natively.
References
Credits
Huge thanks to Ahmad Shauqi from NetbyteSEC SDN BHD for reporting this.
For more information
If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com
Impact
Files from the
env-production
folder can be retrieved even though they should have restricted access.Hopefully, there is no sensitive files stored in that folder natively, but there could be from a third-party module.
Patches
The
pages/exec.php
script has been fixed to limit execution of PHP files only. Other file types won't be retrieved and exposed.Workarounds
No workaround, any file within
env-production
folder can be retrieved. But again, there is no sensitive data in that folder natively.References
Credits
Huge thanks to Ahmad Shauqi from NetbyteSEC SDN BHD for reporting this.
For more information
If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com