CVE-2024-56331

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Dec 20, 2024
CWE ID 22

Summary

CVE-2024-56331 is a vulnerability in Uptime Kuma, an open-source self-hosted monitoring tool. The flaw is improper handling of the URL entered for a monitor: the "real-browser" monitor type launches a headless browser, navigates it to whatever URL the user supplied, and stores a screenshot of the rendered page. Because the URL field is never validated or restricted to web schemes, a user can enter a local file path such as `file:///etc/passwd`; the browser loads the file from the server's filesystem, and the screenshot returns its contents. The weakness is tracked as CWE-22 because the user-controlled value selects an arbitrary file on the server.

Exploitation requires an authenticated Uptime Kuma account that can create or edit monitors in "real-browser" mode; the impact is disclosure of any file the Uptime Kuma process can read.

The issue was fixed in Uptime Kuma 1.23.16. All users are advised to upgrade, and any deployment still running an earlier version should be treated as affected. There is no known workaround.
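As an added illustration of the root cause described above, the following JavaScript (Uptime Kuma is a Node.js application) contrasts the unchecked pass-through the advisory describes with a scheme allow-list applied before any browser is launched. This is example code written for this page, not Uptime Kuma's own code or its actual fix; the function names, the constructed sample inputs, and the stubbed-out browser call are assumptions.

```javascript
// Added example (not code from Uptime Kuma): scheme allow-listing for a
// user-supplied monitor URL before it reaches a headless browser.
// All function names here are hypothetical.

const ALLOWED_PROTOCOLS = new Set(["http:", "https:"]);

// The unsafe pattern the advisory describes: the raw string is handed to
// the browser's navigation call unchanged, so "file:///etc/passwd" is
// loaded and screenshotted like any web page. The browser call itself is
// stubbed out; this function only returns what would be navigated to.
function navigationTargetUnchecked(userUrl) {
  return userUrl;
}

// Hardened variant: parse with the WHATWG URL parser (which lowercases the
// scheme and strips surrounding whitespace) and accept only http/https.
// Everything else (file:, javascript:, data:, ftp:, a bare filesystem path,
// a non-string) is rejected before a browser is ever launched.
function validateMonitorUrl(userUrl) {
  if (typeof userUrl !== "string") {
    throw new TypeError("monitor URL must be a string");
  }
  let parsed;
  try {
    parsed = new URL(userUrl);
  } catch (err) {
    throw new Error(`monitor URL is not an absolute URL: ${JSON.stringify(userUrl)}`);
  }
  if (!ALLOWED_PROTOCOLS.has(parsed.protocol)) {
    throw new Error(`monitor URL scheme ${parsed.protocol} is not allowed; use http or https`);
  }
  // Return the normalized form so the caller navigates to exactly what was checked.
  return parsed.href;
}

// Convenience predicate for bulk checks.
function isAllowedMonitorUrl(userUrl) {
  try {
    validateMonitorUrl(userUrl);
    return true;
  } catch (_err) {
    return false;
  }
}

// Run a batch of inputs through both paths and report what each would
// navigate to; `hardened` is null when the allow-list rejects the input.
function auditMonitorUrls(inputs) {
  return inputs.map((input) => ({
    input,
    unchecked: navigationTargetUnchecked(input),
    hardened: isAllowedMonitorUrl(input) ? validateMonitorUrl(input) : null,
  }));
}

// Constructed sample inputs for this example.
const SAMPLE_INPUTS = [
  "https://example.com/health",
  "http://example.com",
  "file:///etc/passwd",          // the payload from the advisory
  "FILE:///etc/passwd",          // scheme case is normalized by the parser
  "  file:///etc/shadow  ",      // surrounding whitespace is stripped by the parser
  "javascript:alert(1)",
  "/etc/passwd",                 // not an absolute URL at all
];

for (const row of auditMonitorUrls(SAMPLE_INPUTS)) {
  console.log(`${row.input.padEnd(28)} unchecked=${row.unchecked.trim().padEnd(22)} hardened=${row.hardened}`);
}
```

Running the block with Node prints one line per input, showing that the unchecked path forwards `file:///etc/passwd` verbatim while the hardened path rejects it along with the case-varied and whitespace-padded forms. The check restricts the scheme only: it says nothing about which hosts the headless browser may reach, and a deployment should still upgrade to 1.23.16 rather than rely on an input filter.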
