CVE-2018-20332

Name of the Vulnerable Software and Affected Versions OpenWebif plugin through 1.2.4 for Enigma2 based devices

Description An issue has been discovered that allows reading of arbitrary files and listing of arbitrary directories. This can be achieved by accessing specific "API Endpoints" such as "/file?action=download&file=" followed by a full pathname for file reading, and "/file?action=download&dir=" followed by a full pathname for directory listing. The issue is related to the plugin/controllers/file.py in the e2openplugin-OpenWebif project.

Recommendations For OpenWebif plugin versions through 1.2.4, consider restricting access to the /file endpoint until a patch is available. As a temporary workaround, avoid using the file and dir parameters in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.