S4E

CVE-2023-43662 Scanner

CVE-2023-43662 Scanner - Local File Inclusion (LFI) vulnerability in ShokoServer System

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

19 days 13 hours

Scan only one

URL

Toolbox

-

ShokoServer is commonly used by anime enthusiasts to manage and organize anime libraries. It's known for its robust features that cater specifically to the needs of anime collection organization, offering a user-friendly interface. The software serves users who are interested in cataloging their digital anime collections efficiently. It provides comprehensive metadata, aiding users in having detailed information about their collections. Due to its utility, ShokoServer is often run on personal computers and servers and is supported by a community of developers and contributors. It is open source, allowing for adaptability and regular updates from its community.

The Local File Inclusion (LFI) vulnerability allows attackers to include files on a server through the web browser. This is generally caused by improper handling of user input, where file path input isn't properly sanitized. In ShokoServer, the vulnerability occurs because the `/api/Image/WithPath` endpoint accepts unsanitized user input, leading to the unintended reading of potentially sensitive files. Such exploits can be done without authentication, increasing the risk to exposed systems. This vulnerability was identified as allowing arbitrary file reads, which can expose critical system files. As a result, the security of systems using affected versions of ShokoServer is compromised.

The vulnerability is particularly exhibited through the `/api/Image/WithPath` endpoint. It is exploited when an attacker sends a request to the endpoint with a specially crafted path. The lack of validation or sanitization allows this endpoint to read any file system path that's accessible to the service. In technical terms, the parameter `serverImagePath` is directly used in system calls, leading to an unintended file read operation. Exploitation involves crafting a request to manipulate this endpoint, bypassing its intended functionality entirely and accessing any readable files. The mechanism involves injecting file paths that traverse directories to access secure files.

If this vulnerability is exploited, unauthorized users could gain access to sensitive files and information stored on the server. Such access could include configuration files, application data, or other sensitive materials not meant for public viewing. For systems running as administrators, especially on Windows, the impact could be significantly more severe, as system-level files could be exposed. These potential data exposures could lead to further exploitation, information disclosure, and compromise of system integrity. It poses a considerable security threat, especially if exploited by a determined malicious actor.

REFERENCES

Get started to protecting your Free Full Security Scan