The cybersecurity community has recently identified a critical directory traversal vulnerability in the Activity plugin before version 3.1.1 for GLPI (an open-source IT and asset management system). The vulnerability is registered as CVE-2022-34126 and allows attackers to read local files on the server through the file parameter of front/cra.send.php.

- Affected Plugin: Activity (versions before 3.1.1)
- Affected File: front/cra.send.php file parameter
- Impact: Information Disclosure (Access to local files)

To prevent exploitation, it is essential to update the Activity plugin to version 3.1.1, which has been patched by the developers.

Exploit Details

This directory traversal vulnerability stems from improper input validation on the file parameter in the front/cra.send.php script. Attackers can exploit it by sending a request with a specially crafted file parameter, which allows them to access sensitive local files like:

- /etc/passwd
- /etc/shadow
- Files containing user credentials or other sensitive information

An attacker could craft a malicious request using a relative path to traverse directories and access restricted files. For example:

http://example.com/plugins/activity/front/cra.send.php?file=../../../etc/passwd

This request would attempt to access the /etc/passwd file, extracting potentially sensitive information about users on the server.
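To check whether a server has received requests of this shape, the following added example (not part of the original advisory or of the plugin's code) scans web server access-log lines for requests to front/cra.send.php whose file parameter contains a parent-directory segment or an absolute path, after undoing repeated percent-encoding. The combined log format, the sample lines and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [16/Apr/2023:03:20:01 +0000] "GET /plugins/activity/front/cra.send.php?file=../../../etc/passwd HTTP/1.1" 200 1532 "-" "curl/8.0"
203.0.113.5 - - [16/Apr/2023:03:20:04 +0000] "GET /plugins/activity/front/cra.send.php?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1532 "-" "curl/8.0"
198.51.100.7 - - [16/Apr/2023:09:11:42 +0000] "GET /plugins/activity/front/cra.send.php?file=cra_2023_04.pdf HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
198.51.100.7 - - [16/Apr/2023:09:12:10 +0000] "GET /front/central.php HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
"""

# client, timestamp, method, request URI, status (hypothetical parser for this example)
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
TARGET = "/front/cra.send.php"

def fully_decode(value, max_rounds=5):
    """Undo repeated percent-encoding (e.g. %252e -> %2e -> .)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if the value has a '..' path segment or is an absolute path."""
    path = fully_decode(value).replace("\\", "/")
    return path.startswith("/") or ".." in path.split("/")

def find_suspicious(log_text):
    """Return (client, timestamp, status, decoded file value) for flagged requests."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, ts, _method, uri, status = m.groups()
        parts = urlsplit(uri)
        if not parts.path.endswith(TARGET):
            continue
        for value in parse_qs(parts.query).get("file", []):
            if is_traversal(value):
                hits.append((client, ts, int(status), fully_decode(value)))
    return hits

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

Access logs normally record only the query string, so a file value sent in a POST body would not appear in this scan.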

Mitigation

To mitigate this vulnerability, it is crucial to update the Activity plugin for GLPI to version 3.1.1, the latest version with the issue fixed. Moreover, it is also advisable to:

References

1. Official CVE-2022-34126: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34126
2. GLPI: https://glpi-project.org/
3. Activity Plugin Repository: https://github.com/pluginsGLPI/activity
4. Plugin Update: https://github.com/pluginsGLPI/activity/releases/tag/v3.1.1

Stay informed about emerging cybersecurity threats and vulnerabilities, regularly update your software and plugins, and consider sharing this information with your colleagues and network to help foster a more secure environment in the IT community.

Timeline

Published on: 04/16/2023 03:15:00 UTC
Last modified on: 04/25/2023 18:52:00 UTC