CVE-2024-56331

Name of the Vulnerable Software and Affected Versions Uptime Kuma versions prior to 1.23.16

Description An Improper URL Handling issue allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This issue is triggered via the "real-browser" request type, which takes a screenshot of the URL provided by the attacker. By supplying local file paths, such as file:///etc/passwd, an attacker can read sensitive data from the server. The system does not properly validate or sanitize the user input for the URL field, allowing users to input arbitrary file paths without server-side validation. Any authenticated user who can submit a URL in "real-browser" mode is at risk of exposing sensitive data through screenshots of these files.

Recommendations For versions prior to 1.23.16, upgrade to version 1.23.16 or later to address this issue. As a temporary workaround, consider restricting access to the "real-browser" request type to minimize the risk of exploitation. Additionally, restrict access to sensitive files on the server to prevent potential data exposure.