ID NODEJS:413
Type nodejs
Reporter Liang Gong
Modified 2021-09-23T07:58:54
Description
Overview
Affected versions of `liuyaserver` resolve relative path segments such as `../` in the request path without confining the result to the served directory root, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.
Example request:
GET /../../../../../../../../../../etc/passwd HTTP/1.1
host:foo
Recommendation
No patch is available for this vulnerability; all published versions of the package are affected.
It is recommended that the package be used only for local development and that, if the functionality is needed in production, a different package be used instead.
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/liuyaserver
GitHub Advisory: https://github.com/advisories/GHSA-xj6q-9hx8-mm7f
{"id": "NODEJS:413", "type": "nodejs", "bulletinFamily": "software", "title": "Directory Traversal", "description": "## Overview\n\nAffected versions of `liuyaserver` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.\n\nExample request:\n```\nGET /../../../../../../../../../../etc/passwd HTTP/1.1\nhost:foo\n```\n\n## Recommendation\n\nNo patch is available for this vulnerability.\n\nIt is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.\n\n## References\n\n- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/liuyaserver\n- [GitHub Advisory](https://github.com/advisories/GHSA-xj6q-9hx8-mm7f)", "published": "2017-07-05T17:40:56", "modified": "2021-09-23T07:58:54", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": true, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": 
"https://www.npmjs.com/advisories/413", "reporter": "Liang Gong", "references": [], "cvelist": ["CVE-2017-16170"], "immutableFields": [], "lastseen": "2021-09-23T06:35:57", "viewCount": 26, "enchantments": {"score": {"value": 8.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-16170"]}, {"type": "github", "idList": ["GHSA-XJ6Q-9HX8-MM7F"]}], "rev": 4}, "backreferences": {"references": [{"type": "cert", "idList": ["VU:319816"]}, {"type": "cve", "idList": ["CVE-2017-16170"]}, {"type": "github", "idList": ["GHSA-XJ6Q-9HX8-MM7F"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108456"]}, {"type": "osv", "idList": ["OSV:GHSA-XJ6Q-9HX8-MM7F"]}, {"type": "threatpost", "idList": ["THREATPOST:12B9BFB35BF21AD95E3A7F11B241431F"]}]}, "exploitation": null, "vulnersScore": 8.1}, "affectedSoftware": [{"operator": "ge", "version": "0.0.0", "name": "liuyaserver"}], "_state": {"dependencies": 1647589307, "score": 0}}
{"cve": [{"lastseen": "2022-03-23T14:35:48", "description": "liuyaserver is a static file server. liuyaserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-07T02:29:00", "type": "cve", "title": "CVE-2017-16170", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16170"], "modified": "2019-10-09T23:24:00", "cpe": ["cpe:/a:liuyaserver_project:liuyaserver:1.0.0"], "id": "CVE-2017-16170", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16170", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:liuyaserver_project:liuyaserver:1.0.0:*:*:*:*:node.js:*:*"]}], "osv": [{"lastseen": "2022-05-12T01:30:52", "description": "Affected versions of `liuyaserver` resolve relative file paths, resulting in a directory traversal vulnerability. 
A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.\n\nExample request:\n```\nGET /../../../../../../../../../../etc/passwd HTTP/1.1\nhost:foo\n```\n\n\n## Recommendation\n\nNo patch is available for this vulnerability.\n\nIt is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-01T17:34:34", "type": "osv", "title": "Directory Traversal in liuyaserver", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16170"], "modified": "2020-08-31T18:22:10", "id": "OSV:GHSA-XJ6Q-9HX8-MM7F", "href": "https://osv.dev/vulnerability/GHSA-xj6q-9hx8-mm7f", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "github": [{"lastseen": "2022-04-30T13:47:20", "description": "Affected versions of `liuyaserver` resolve relative file paths, resulting in a directory traversal vulnerability. 
A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.\n\nExample request:\n```\nGET /../../../../../../../../../../etc/passwd HTTP/1.1\nhost:foo\n```\n\n\n## Recommendation\n\nNo patch is available for this vulnerability.\n\nIt is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-01T17:34:34", "type": "github", "title": "Directory Traversal in liuyaserver", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16170"], "modified": "2021-01-14T16:03:47", "id": "GHSA-XJ6Q-9HX8-MM7F", "href": "https://github.com/advisories/GHSA-xj6q-9hx8-mm7f", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}