High

devika

Local File Read Vulnerability

A local file read vulnerability was identified in the web application 'devika' by stitionai, affecting the latest version. The vulnerability allows an attacker to read arbitrary files from the system by manipulating the 'snapshot_path' parameter in a specific API request. There is no fixed version mentioned, indicating the issue might still be unresolved.

Available publicly on Jun 27 2024

CVSS: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Credit: ranjit-git

Threat Overview

The vulnerability stems from improper input validation in the handling of the 'snapshot_path' parameter within the API endpoint '/api/get-browser-snapshot'. By crafting a request with a manipulated 'snapshot_path' parameter, an attacker can read arbitrary files from the server's filesystem. This could lead to the disclosure of sensitive information, such as system configuration details, credentials stored in files, or any data that the server has access to. The impact is significant as it compromises the confidentiality and integrity of the server's data.
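The missing validation can be expressed as a containment check on the resolved path. The sketch below is an added example, not devika's code: the `resolve_snapshot` helper, the `snapshots` base directory and the sample files are assumptions, constructed so the check can be run offline.

```python
import os
import tempfile
from pathlib import Path


class SnapshotPathError(ValueError):
    """The requested snapshot path is malformed or escapes the base directory."""


def resolve_snapshot(base_dir, snapshot_path):
    """Return the real path for snapshot_path only if it is a file inside base_dir.

    base_dir and this helper are hypothetical; the page does not show
    devika's handler or where it stores snapshots.
    """
    if not snapshot_path or "\x00" in snapshot_path:
        raise SnapshotPathError("empty or malformed path")
    base = Path(base_dir).resolve(strict=True)
    # Joining an absolute path discards base ("/etc/passwd" stays as is);
    # resolve() then collapses ".." segments and follows symlinks.
    candidate = (base / snapshot_path).resolve()
    if base not in candidate.parents:
        raise SnapshotPathError("path outside snapshot directory")
    if not candidate.is_file():
        raise SnapshotPathError("no such snapshot")
    return candidate


def demo():
    """Run the check over constructed inputs in a throwaway directory tree."""
    verdicts = {}
    with tempfile.TemporaryDirectory() as root:
        base = Path(root) / "snapshots"
        base.mkdir()
        (base / "shot.png").write_bytes(b"constructed sample")
        secret = Path(root) / "secret.txt"
        secret.write_text("constructed secret")
        os.symlink(secret, base / "link.png")  # symlink pointing outside base
        cases = {"relative": "shot.png", "absolute": "/etc/passwd",
                 "dotdot": "../secret.txt", "symlink": "link.png"}
        for label, value in cases.items():
            try:
                resolve_snapshot(base, value)
                verdicts[label] = "allowed"
            except SnapshotPathError:
                verdicts[label] = "rejected"
    return verdicts
```

Comparing the resolved path against the resolved base is what rejects the absolute-path and symlink cases; a check that only looks for `..` in the string would let both through.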

Attack Scenario

An attacker discovers the vulnerable endpoint and crafts a malicious HTTP GET request targeting the '/api/get-browser-snapshot' API. By setting the 'snapshot_path' parameter to the path of a sensitive file (e.g., '/etc/passwd'), the attacker can retrieve the contents of that file. This attack can be performed remotely and does not require authentication, making it particularly dangerous.

Who is affected

All users and administrators of the 'devika' web application by stitionai are affected by this vulnerability. Specifically, systems where the latest version of 'devika' is deployed without any mitigating controls in place are at risk. The vulnerability exposes sensitive files on the server to unauthorized access.
