4 matches found
CVE-2024-56331
Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...
CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor
Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...
CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor
Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...
CVE-2024-56331
CVE-2024-56331 affects Uptime Kuma’s real-browser monitor, enabling Local File Inclusion via file:/// URLs. The vulnerability arises from insufficient server-side validation of the URL input, allowing an authenticated user to trigger the browser to fetch and capture local files (e.g., /etc/passwd...