Skip to content

galoget/Thruk-CVE-2023-34096

Repository files navigation

Thruk-CVE-2023-34096

Thruk Monitoring Web Interface versions <= v3.06 are vulnerable to CVE-2023-34096 (Path Traversal).

The current exploit is made in Python 3 and exploits the vulnerability to upload a PoC file to multiple Thruk's common folders and also some Linux folders.

CVSS

The CNA GitHub, Inc. assigned a CVSS 3.1 Score of 6.5 (Medium) to this finding. (Check NIST NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Vulnerability Summary

  • Assigned CVE: CVE-2023-34096
  • CVE Author: Galoget Latorre (@galoget)
  • Severity: 6.5 Medium
  • Type: Path Traversal
  • Product: Thruk Monitoring Web Interface
  • Affected Versions: All versions <= 3.06
  • Patched Version: 3.06-2

Timeline

  • 2023-05-25: This vulnerability was identified by Galoget Latorre.
  • 2023-06-02: Initial contact with maintainer via GitHub Security Advisory including vulnerability details and Proof of Concept (PoC).
  • 2023-06-05: CVE-2023-34096 is assigned.
  • 2023-06-06: Maintainer releases a patch with version 3.06-2, see Thruk's Changelog.
  • 2023-06-08: GitHub Security Advisory is released by maintainer.
  • 2023-06-08: Security advisory (author's blog post) is released by Galoget Latorre.
  • 2023-06-08: Exploit PoC (this repository) is released by Galoget Latorre.
  • 2023-06-09: Exploit PoC is shared by Exploit Database (Exploit-DB).
  • 2023-06-09: Exploit PoC is shared by Packet Storm Security.

Credits

This security vulnerability was identified and reported to the maintainer (Thruk's Developers) by Galoget Latorre, Security Consultant at Hackem Cybersecurity Research Group and Dreamlab Technologies.

References

Demo

CVE-2023-34096 exploit PoC

Note: In the previous image, you can see that the exploit is showing an error message for the last 3 attempts, this is because in the test environment some folders were non-existent or the Apache user did not have write permissions on those paths. The exploit works correctly and the output was intended to test all possible cases.

About

Thruk Monitoring Web Interface <= 3.06 vulnerable to CVE-2023-34096 (Path Traversal).

Topics

Resources

License

Stars

Watchers

Forks

Languages