PT-2020-15367 · Halo · Halo
Published 2020-09-30 · Updated 2020-10-08 · CVE-2020-21525
CVSS v3.1: 7.5 (High)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Halo version 1.1.3
Description
The issue allows arbitrary file reading. It occurs in an interface that reads files, where a directory traversal check is performed on the input path parameter. However, this check relies on the startsWith function and can be bypassed.
Recommendations
For Halo version 1.1.3, consider restricting access to the file reading interface until a proper fix is implemented to prevent directory traversal attacks. As a temporary workaround, review and validate all input paths to ensure the path parameter cannot bypass the directory traversal check.
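The weak prefix check the description refers to, shown beside a hardened check of the kind the recommendation calls for. This is an added illustration, not Halo's code; the base directory, file names and the `weak_is_inside`/`safe_resolve` helpers are constructed for the demo.

```python
import os

# Constructed base directory for the demo; not a real Halo path.
BASE_DIR = "/var/halo/backups"

def weak_is_inside(base_dir: str, requested: str) -> bool:
    """Prefix-only traversal check of the kind the advisory describes.

    The joined path is compared with startswith before any normalization,
    so '..' segments and a sibling directory that merely shares the base
    directory's textual prefix both pass the check.
    """
    candidate = os.path.join(base_dir, requested)
    return candidate.startswith(base_dir)

def safe_resolve(base_dir: str, requested: str):
    """Hardened check: canonicalize first, then require containment.

    Returns the canonical path when it lies inside base_dir, else None.
    realpath collapses '.' and '..' and resolves symlinks; commonpath
    compares whole path components rather than a character prefix.
    """
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate

def compare(requested: str) -> tuple:
    """Return (weak verdict, hardened verdict) for one requested path."""
    return (weak_is_inside(BASE_DIR, requested),
            safe_resolve(BASE_DIR, requested) is not None)

if __name__ == "__main__":
    # Constructed sample inputs: one legitimate, one that climbs out with
    # '..', one that lands in a sibling directory sharing the prefix.
    for req in ["2020/site.zip", "../../../etc/hostname", "../backups-old/notes.txt"]:
        weak, safe = compare(req)
        print(f"{req!r}: weak check allows={weak}, hardened check allows={safe}")
```

The weak check accepts all three inputs; the hardened check accepts only the first.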
Exploit
Fix
Path traversal
Weakness Enumeration
Related Identifiers
Affected Products
Halo