PT-2019-6165 · Sphinx Technologies · Sphinxsearch
Adminze · Published 2019-06-02 · Updated 2024-06-26
CVE-2020-29050
CVSS v2.0: 9.4 High
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions
SphinxSearch in Sphinx Technologies Sphinx versions through 3.1.1
Description
A directory traversal flaw in the search system can be exploited by a remote attacker to gain unauthorized access to protected information. The CALL SNIPPETS operator and the load_file() function accept a full pathname, which allows access to files such as those in the /etc directory.
Recommendations
For SphinxSearch in Sphinx Technologies Sphinx versions through 3.1.1, consider restricting access to the CALL SNIPPETS operator and the load_file() function to minimize the risk of exploitation. Additionally, limit the ability to load files from arbitrary paths to prevent unauthorized access to sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Path traversal
Affected Products
Red Os
Sphinxsearch
Suse