#VU31142 Path traversal in Vanilla - CVE-2019-9889

Cybersecurity Help s.r.o.

Published: 2019-03-21 | Updated: 2020-07-17

Vulnerability identifier: #VU31142

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-9889

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Vanilla
Other software / Other software solutions

Vendor: Lussumo

Description

The vulnerability allows a remote privileged user to gain access to sensitive information.

In Vanilla before 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal with File Inclusion. An attacker can leverage this vulnerability to execute code under the context of the web server.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Vanilla: 2.6.1 - 2.6.3

External links
https://github.com/vanilla/vanilla/compare/b043ae8...9f12b22
https://github.com/vanilla/vanilla/pull/7840
https://hackerone.com/reports/411140

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Path traversal in Lussumo Vanilla