nvd-json-data-feeds/CVE-2022/CVE-2022-269xx/CVE-2022-26960.json

{
  "id": "CVE-2022-26960",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2022-03-21T17:15:07.740",
  "lastModified": "2022-06-30T19:47:16.823",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths."
    },
    {
      "lang": "es",
      "value": "El archivo connector.minimal.php en std42 elFinder versiones hasta 2.1.60, est\u00e1 afectado por un salto de ruta. Esto permite a atacantes remotos no autenticados leer, escribir y navegar por archivos fuera del root del documento configurado. Esto es debido a un manejo inapropiado de las rutas absolutas de los archivos"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.8
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "2.1.61",
              "matchCriteriaId": "4E9D6EA0-1E01-4EEB-BBAF-E50A6344FF20"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/Studio-42/elFinder/commit/3b758495538a448ac8830ee3559e7fb2c260c6db",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.synacktiv.com/publications.html",
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ]
    },
    {
      "url": "https://www.synacktiv.com/publications/elfinder-the-story-of-a-repwning.html",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ]
    }
  ]
}