#VU21760 Path traversal in pillarjs send - CVE-2014-6394

Cybersecurity Help s.r.o.

Published: 2019-10-14

Vulnerability identifier: #VU21760

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2014-6394

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
pillarjs send
Web applications / Modules and components for CMS

Vendor: pillarjs

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to the affected software uses a partial comparison for verifying whether a directory is within the document root. A remote attacker can send a specially crafted HTTP request and access restricted directories on the system, as demonstrated using "public-restricted" under a "public" directory.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

pillarjs send: 0.0.2 - 0.8.3

External links
https://github.com/visionmedia/send/commit/9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a
https://github.com/visionmedia/send/pull/59
https://nodesecurity.io/advisories/send-directory-traversal

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Path traversal in pillarjs send plugin for Node.js

Fedora EPEL 6 update for nodejs-send

Fedora EPEL 7 update for nodejs-send

Fedora 21 update for nodejs-send