CVE-2024-52306

FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerability is fixed in 3.0.9.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/Laravel-Backpack/FileManager/commit/2830498b85e05fb3c92179053b4d7c4a0fdb880b	Patch
https://github.com/Laravel-Backpack/FileManager/security/advisories/GHSA-8237-957h-h2c2	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:backpackforlaravel:filemanager::::::::
	cpe:2.3:a:backpackforlaravel:filemanager::::::::

History

19 Nov 2024, 15:02

Type	Values Removed	Values Added
Summary		(es) FileManager proporciona una interfaz de administración de Backpack para archivos y carpetas. Antes de la versión 3.0.9, la deserialización de datos no confiables del parámetro mimes podía provocar la ejecución remota de código. Esta vulnerabilidad se solucionó en la versión 3.0.9.
First Time		Backpackforlaravel Backpackforlaravel filemanager
References	~~() https://github.com/Laravel-Backpack/FileManager/commit/2830498b85e05fb3c92179053b4d7c4a0fdb880b -~~	() https://github.com/Laravel-Backpack/FileManager/commit/2830498b85e05fb3c92179053b4d7c4a0fdb880b - Patch
References	~~() https://github.com/Laravel-Backpack/FileManager/security/advisories/GHSA-8237-957h-h2c2 -~~	() https://github.com/Laravel-Backpack/FileManager/security/advisories/GHSA-8237-957h-h2c2 - Vendor Advisory
CPE		cpe:2.3:a:backpackforlaravel:filemanager::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~7.6~~	v2 : unknown v3 : 9.8

13 Nov 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-13 16:15

Updated : 2024-11-19 15:02

NVD link : CVE-2024-52306

Mitre link : CVE-2024-52306

CVE.ORG link : CVE-2024-52306

JSON object : View

Products Affected

backpackforlaravel

filemanager

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2024-52306", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.0}]}, "published": "2024-11-13T16:15:20.723", "references": [{"url": "https://github.com/Laravel-Backpack/FileManager/commit/2830498b85e05fb3c92179053b4d7c4a0fdb880b", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Laravel-Backpack/FileManager/security/advisories/GHSA-8237-957h-h2c2", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerability is fixed in 3.0.9."}, {"lang": "es", "value": "FileManager proporciona una interfaz de administraci\u00f3n de Backpack para archivos y carpetas. Antes de la versi\u00f3n 3.0.9, la deserializaci\u00f3n de datos no confiables del par\u00e1metro mimes pod\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 3.0.9."}], "lastModified": "2024-11-19T15:02:45.053", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:backpackforlaravel:filemanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3916EFA1-114A-4622-9384-A01A4D874D87", "versionEndExcluding": "2.0.2"}, {"criteria": "cpe:2.3:a:backpackforlaravel:filemanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20B83E97-268F-47A7-A199-24F2AC570DD0", "versionEndExcluding": "3.0.9", "versionStartIncluding": "3.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}