CVE-2024-27921

Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.7.45

Description A file upload path traversal vulnerability has been identified in Grav, an open-source, flat-file content management system. This vulnerability enables attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. It poses severe risks, including the ability to inject arbitrary code on the server, undermine the integrity of backup files by overwriting existing files or creating new ones, and exfiltrate sensitive data using CSS exfiltration techniques.

Recommendations For Grav versions prior to 1.7.45, upgrade to the patched version 1.7.45 to mitigate the issue. As a temporary workaround, consider restricting access to the checkFileMetadata() function in the MediaUploadTrait.php file until a patch is available. Additionally, restrict the upload of files with sensitive extensions, such as .json, .zip, and .css, to minimize the risk of exploitation.