CVE-2024-51483 Scanner
CVE-2024-51483 Scanner - Path Traversal vulnerability in Changedetection.io
Short Info
Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 26 days 21 hours
Scan only one: Domain, IPv4
Toolbox: -
Changedetection.io is widely used by web developers and IT administrators to monitor web page changes over time. It is open source, allowing users to host their own instance of the software, which gives them complete control over the data and customization according to their monitoring needs. The software is utilized in various industries for tracking page modifications, price changes, and reporting discrepancies. Given its capacity to use plugins and web hooks, it integrates easily into larger systems and workflows. Many businesses rely on it to alert them quickly to changes that may affect content or user interaction. It is favored for its ability to perform detailed, automated checks without needing advanced configurations.
The Path Traversal vulnerability allows attackers to manipulate file paths in the software to access sensitive files and directories outside the web root folder. This kind of security flaw can expose critical system files such as configuration files and password lists. Path Traversal vulnerabilities arise when user input that is not properly sanitized is used to build file paths, leading to potentially severe breaches if exploited. In this case, the vulnerability affects versions of Changedetection.io up to 0.47.4 and permits retrieval of local system files through a non-standard form of the URL. The issue highlights how reliance on web drivers can open doors for attackers if not properly managed. Addressing this issue is crucial to maintaining the integrity of systems relying on Changedetection.io.
The technical exploitation involves using a string like `source:file:///etc/passwd` instead of the typical `file:///etc/passwd`, which the system blocks. The prefixed form bypasses the protection mechanisms in place and retrieves local files. The template checks for this bypass by issuing a crafted request that mimics this scenario. The vulnerable endpoint is identified through POST requests to specific URIs, aiming to trigger a file fetch action in the web driver's configuration. The vulnerability relies on the WebDriver being able to handle file protocol paths that the application does not adequately restrict. Detection involves verifying, from the server response, that an unauthorized path was successfully retrieved.
If an attacker exploits this vulnerability, they could gain unauthorized access to critical system files, compromising the confidentiality and integrity of the server. Sensitive data could be leaked, leading to further exploitation and potential loss of control over server resources. Path traversal vulnerabilities could open avenues for subsequent attacks, as malicious users can gather intelligence about the system’s file structure and sensitive configurations. Over time, data breaches stemming from such a flaw could irreparably damage an organization's reputation and result in compliance violations. Immediate patching and improved input validation are essential to prevent exploitation.
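The check below is an added example, not code from Changedetection.io or from this scanner: it places a prefix-based block of `file:` beside an allowlist check that first normalizes the `source:` prefix, to show why the first one misses the string described above. The function names, the allowed-scheme set and the sample URLs are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # assumption: only web schemes are wanted
SOURCE_PREFIX = "source:"            # the prefix named in the description above


def naive_is_blocked(url: str) -> bool:
    """Weak check: rejects only input that literally starts with 'file:'."""
    return url.strip().lower().startswith("file:")


def strip_source_prefix(url: str) -> str:
    """Remove every leading 'source:' so validation sees the URL that is fetched."""
    url = url.strip()
    while url.lower().startswith(SOURCE_PREFIX):
        url = url[len(SOURCE_PREFIX):].lstrip()
    return url


def hardened_is_allowed(url: str) -> bool:
    """Allowlist check: normalize first, then require a web scheme and a host."""
    parts = urlsplit(strip_source_prefix(url))
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)


# Constructed sample inputs for the comparison.
SAMPLES = [
    "https://example.com/page",
    "source:https://example.com/page",
    "file:///etc/passwd",
    "source:file:///etc/passwd",
    " SOURCE:File:///etc/passwd",
    "source:source:file:///etc/passwd",
]


def audit(urls):
    """Return (url, blocked_by_naive_check, allowed_by_hardened_check) rows."""
    return [(u, naive_is_blocked(u), hardened_is_allowed(u)) for u in urls]


if __name__ == "__main__":
    for url, naive_blocked, allowed in audit(SAMPLES):
        print(f"{url!r:40} naive_blocked={naive_blocked!s:5} allowed={allowed}")
```

The same normalize-then-allowlist logic can be run over stored watch URLs to find entries that a prefix check let through before an upgrade.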
REFERENCES
- https://github.com/advisories/GHSA-cwgg-57xj-g77r
- https://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/model/Watch.py#L19
- https://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/processors/__init__.py#L35
- https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-cwgg-57xj-g77r
- https://github.com/user-attachments/files/17591630/CL-ChangeDetection.io.Path.Travsersal-311024-181039.pdf