CData API Server Directory Traversal CVE-2024-31848



Application Details

The CData API Server is a lightweight application that allows developers to create and expose data APIs, for any supported data source, without the need for custom development.


Vulnerability

The Java version of CData API Server < 23.4.8844 could allow a remote attacker to traverse directories on the system. The flaw occurs when the application is run using the embedded Jetty server.


Identification

An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to gain complete administrative access to the application.

GET /ui/..%5Csrc%5CgetSettings.rsb?@json

Detection

By turning this request into a traffic file and a matching rule, we are able to detect attempts by an unauthenticated remote attacker to perform the directory traversal that leads to complete administrative access to the application.
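As an added illustration of the detection idea (this is example code, not Idappcom's signature or traffic file), the following Python decodes a request path, treats percent-encoded backslashes as path separators and flags dot-dot segments that resolve outside the /ui/ path the request was addressed to. The request lines are constructed for the example; the first mirrors the request shown above.

```python
import re
from urllib.parse import unquote

# Constructed sample request lines (not from a real capture).
SAMPLE_REQUESTS = [
    "GET /ui/..%5Csrc%5CgetSettings.rsb?@json HTTP/1.1",   # request from the advisory
    "GET /ui/../src/getSettings.rsb?@json HTTP/1.1",       # plain forward-slash variant
    "GET /ui/..%255Csrc%255CgetSettings.rsb HTTP/1.1",     # double-encoded backslash
    "GET /ui/index.html HTTP/1.1",                         # benign
    "GET /ui/assets/app.js?v=2 HTTP/1.1",                  # benign
]

def decode_path(raw_path: str, max_rounds: int = 3) -> str:
    """Strip the query string, percent-decode repeatedly (to defeat double
    encoding) and treat backslashes as separators, as a lax server might."""
    path = raw_path.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")

def resolve(path: str) -> str:
    """Collapse '.' and '..' segments to the path the server would actually open."""
    out = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if out:
                out.pop()
            continue
        out.append(seg)
    return "/" + "/".join(out)

def is_traversal(request_line: str, served_prefix: str = "/ui/") -> bool:
    """True when the decoded path contains a dot-dot segment and, once
    resolved, escapes the prefix it was addressed to."""
    parts = request_line.split(" ")
    if len(parts) < 2:
        return False
    path = decode_path(parts[1])
    has_dotdot = re.search(r"(^|/)\.\.(/|$)", path) is not None
    return has_dotdot and not resolve(path).startswith(served_prefix)

def flag_requests(lines):
    """Return the request lines that look like escaping traversal attempts."""
    return [line for line in lines if is_traversal(line)]
```

A dot-dot segment that stays inside the served prefix (for example /ui/assets/../app.js) is deliberately not flagged, which keeps the check focused on requests that actually leave the /ui/ tree.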


Coverage

Idappcom have created signature 8024917 along with a traffic file for this vulnerability.


References


Traffic IQ

If you are concerned that your business may be at risk from this vulnerability or others, why not try out our Traffic IQ software, which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional
