CVE-2023-52079
Path Traversal vulnerability in msgpackr (npm)

Path Traversal | No known exploit

What is CVE-2023-52079 About?

This vulnerability is a Path Traversal issue in the GitHub repository mlflow/mlflow prior to version 2.9.2, triggered by paths of the form `\../filename`. It allows an attacker to access or manipulate files outside the intended directory. Exploitation is relatively easy if attackers can control parts of a file path.

Affected Software

msgpackr <1.10.1

Technical Details

The vulnerability, identified as a Path Traversal, exists in the mlflow/mlflow GitHub repository. It arises from insufficient sanitization or validation of file paths, specifically when processing paths that contain the `../` (dot-dot-slash) sequence, often disguised or encoded, such as `\../filename`. An attacker can embed such sequences in a path supplied to the application, causing the application to resolve the path outside its intended base directory. This allows the attacker to read, write, or execute files in arbitrary locations on the server file system, bypassing security controls by manipulating the directory structure to reach restricted areas.
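The following is an added example, not code from mlflow or msgpackr. It shows why a check that looks for `..` only between forward slashes accepts `\../filename`, and a stricter validator that rejects it. The base directories and all function names are assumptions made for illustration.

```python
import ntpath
import posixpath

BASE = "/srv/artifacts"  # assumed base directory, for illustration only


def naive_is_safe(user_path: str) -> bool:
    """Weak check: looks for '..' only between forward slashes."""
    return not user_path.startswith("/") and ".." not in user_path.split("/")


def windows_resolution(user_path: str, base: str = "C:\\artifacts") -> str:
    """What Windows path rules make of base + user_path (ntpath runs on any OS)."""
    return ntpath.normpath(ntpath.join(base, user_path))


def resolve_within(base: str, user_path: str) -> str:
    """Return the normalized path under base, or raise ValueError."""
    # Treat '\' as a separator everywhere so '\../x' cannot hide from the check.
    candidate = user_path.replace("\\", "/")
    if candidate.startswith("/") or ntpath.splitdrive(user_path)[0]:
        raise ValueError("absolute or drive-qualified path")
    if ".." in candidate.split("/"):
        raise ValueError("parent-directory component")
    base_norm = posixpath.normpath(base)
    full = posixpath.normpath(posixpath.join(base_norm, candidate))
    # Final containment check on the resolved result, not on the raw input.
    if posixpath.commonpath([base_norm, full]) != base_norm:
        raise ValueError("resolved path escapes base directory")
    return full


def is_rejected(user_path: str, base: str = BASE) -> bool:
    """True when resolve_within refuses the path."""
    try:
        resolve_within(base, user_path)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed sample inputs.
    for p in ["run1/model.pkl", "\\../filename", "..\\x", "/etc/passwd"]:
        print(repr(p), "naive ok:", naive_is_safe(p), "rejected:", is_rejected(p))
    print(windows_resolution("\\../filename"))
```

The validation here is lexical only; it does not resolve symbolic links, so a deployment that allows symlinks under the base directory also needs a check on the real path.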

What is the Impact of CVE-2023-52079?

Successful exploitation may allow attackers to access sensitive files, overwrite system configurations, execute arbitrary code, or achieve full system compromise.

What is the Exploitability of CVE-2023-52079?

Exploitation is typically of low to moderate complexity, depending on how user input is processed. No authentication or elevated privileges are usually needed, provided the attacker can influence a file path argument. The vulnerability is remote if the application accepts file path input via web requests, or local if it processes local file paths from user-controlled files. The ease of exploitation increases with the number of entry points where user-controlled data is used to construct file paths without proper sanitization. A common risk factor is software that unpacks archives or processes uploaded files without validating paths within them.

What are the Known Public Exploits?

PoC | Author | Link | Commentary
No known exploits

What are the Available Fixes for CVE-2023-52079?

Available Upgrade Options

  • msgpackr
    • <1.10.1 → Upgrade to 1.10.1

What are Similar Vulnerabilities to CVE-2023-52079?

Similar Vulnerabilities: CVE-2023-5115, CVE-2023-38035, CVE-2023-36845, CVE-2022-45868, CVE-2022-44670