CVE-2024-40422

CVSS 9.1 CRITICALEPSS 11.4%CWE-22

Vexday Risk Score

68High priority

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9.1EPSS 11.4%KEV nãoPoC públicaNuclei simMetasploit —Patch —

Lifecycle

24 Jul 2024Published on NVD

04 Aug 2024Public PoC

Recommendation: Plan a near-term fix — a public PoC already exists.

The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. An attacker can manipulate the snapshot_path parameter to traverse directories and access sensitive files on the server. This can potentially lead to unauthorized access to critical system files and compromise the confidentiality and integrity of the system.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

n/a · n/a

public PoCs found — 2

githubgithub.com/j3r1ch0123/CVE-2024-40422★ 1 exploitdbwww.exploit-db.com/exploits/52066unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/alpernae/CVE-2024-40422 https://github.com/stitionai/devika https://github.com/stitionai/devika/pull/619 https://medium.com/@alpernae/uncovering-path-traversal-in-devika-v1-a-deep-dive-into-cve-2024-40422-f8ce81398b99