CVE-2022-0072 - Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server Dashboard allows Path Traversal in Multiple Versions

LiteSpeed Technologies is widely known for its high-performance web server solutions, one of which is the OpenLiteSpeed Web Server. Recently, a critical security vulnerability has been identified in the web server dashboard, affecting multiple versions of the software. The vulnerability, designated as CVE-2022-0072, allows attackers to perform Directory Traversal attacks, potentially leading to unauthorized access to sensitive information or even full system compromise.

Technical Details

The Directory Traversal vulnerability CVE-2022-0072 allows an attacker to access files on the server outside the web server's root directory. In simple terms, this means an attacker can bypass the intended file restrictions by supplying input with specific directory traversal sequences.

A typical attack scenario could include an attacker sending a maliciously crafted HTTP request containing directory traversal sequences (such as "../"), thereby enabling access to sensitive files or directories on the web server. The following code snippet provides an example of a malicious HTTP request exploiting the vulnerability:

GET /vhost/httpd%c%af../..%c%afetc%c%afpasswd HTTP/1.1
Host: vulnerable.server.com

The above example demonstrates a potential attack where the attacker tries to access the /etc/passwd file on a Linux-based server, potentially leaking sensitive user data.

Original References

The vulnerability was initially discovered by security researcher Andrey Kolishak. You can find the original disclosure report by following the links below:

- CVE-2022-0072
- LiteSpeed Technologies Advisory
- Andrey Kolishak's Blog Post

Exploitation Details

To exploit this vulnerability, the attacker needs to have access to the vulnerable OpenLiteSpeed Web Server Dashboard. The attacker can then send a crafted HTTP GET request, as mentioned above, to access sensitive files or directories on the server.

Mitigation and Patch Update

To protect your OpenLiteSpeed Web Server from the directory traversal vulnerability, it is crucial to update to the latest versions available. LiteSpeed Technologies has released patches to address this issue in the following versions:

OpenLiteSpeed Web Server 1.7.16.1

Upgrading your server to the patched version will ensure that the vulnerability no longer exists, mitigating the risk of potential attacks and keeping your data secure.

Conclusion

CVE-2022-0072 is a critical Directory Traversal vulnerability in the LiteSpeed Technologies OpenLiteSpeed Web Server Dashboard, affecting multiple versions. This vulnerability allows an attacker to perform unauthorized access to sensitive information on the server, potentially resulting in significant harm. By upgrading to the latest, patched version of the software, server administrators can ensure the protection of their server and data against this critical vulnerability.

Timeline

Published on: 10/27/2022 20:15:00 UTC
Last modified on: 10/28/2022 19:01:00 UTC