CVE-2015-5688
published 2015-09-04CVE-2015-5688: Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot…
PriorityP341medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
9.38%
94.8th percentile
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| geddyjs | geddy | — | — |
| geddyjs | geddy | >= 0 < 13.0.8 | 13.0.8 |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for GET requests containing '..%2f' sequences (URL-encoded directory traversal) in the request path targeting the default URI of a Geddy Node.js application. ↗
- →Match HTTP 200 responses whose body contains the regex 'root:.*:0:0:' to confirm successful /etc/passwd retrieval via traversal. ↗
- →Flag Geddy versions prior to 13.0.8 (e.g., 13.0.7) running on Node.js as vulnerable to this directory traversal / LFI. ↗
- ·The traversal depth used in the proof-of-concept is 16 levels of '..%2f'; shallower traversal sequences may also succeed depending on the server's working directory depth. ↗
- ·The vulnerability is confined to the default URI handler in lib/app/index.js; custom route configurations may alter exploitability. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Directory Traversal in geddy
ghsa·2017-10-24
CVE-2015-5688 [HIGH] CWE-22 Directory Traversal in geddy
Directory Traversal in geddy
Versions 13.0.8 and earlier of geddy are vulnerable to a directory traversal attack via URI encoded attack vectors.
### Proof of Concept
```
http://localhost:4000/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd
```
## Recommendation
Update geddy to version >= 13.0.8
OSV
Directory Traversal in geddy
osv·2017-10-24
CVE-2015-5688 [HIGH] Directory Traversal in geddy
Directory Traversal in geddy
Versions 13.0.8 and earlier of geddy are vulnerable to a directory traversal attack via URI encoded attack vectors.
### Proof of Concept
```
http://localhost:4000/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd
```
## Recommendation
Update geddy to version >= 13.0.8
No detection rules found.
Nuclei
Geddy <13.0.8 - Local File Inclusion
nuclei·CVSS 5.0
CVE-2015-5688 [MEDIUM] Geddy <13.0.8 - Local File Inclusion
Geddy <13.0.8 - Local File Inclusion
Geddy prior to version 13.0.8 contains a directory traversal vulnerability in lib/app/index.js that allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI.
Template:
id: CVE-2015-5688
info:
name: Geddy <13.0.8 - Local File Inclusion
author: pikpikcu
severity: medium
description: Geddy prior to version 13.0.8 contains a directory traversal vulnerability in lib/app/index.js that allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI.
impact: |
The vulnerability can be exploited to read sensitive files, execute arbitrary code, or gain unauthorized access to the system.
remediation: |
Upgrade Geddy to version 13.0.8 or later
No writeups or analysis indexed.
https://github.com/geddy/geddy/commit/2de63b68b3aa6c08848f261ace550a37959ef231https://github.com/geddy/geddy/issues/697https://github.com/geddy/geddy/pull/699https://github.com/geddy/geddy/releases/tag/v13.0.8https://nodesecurity.io/advisories/geddy-directory-traversalhttps://github.com/geddy/geddy/commit/2de63b68b3aa6c08848f261ace550a37959ef231https://github.com/geddy/geddy/issues/697https://github.com/geddy/geddy/pull/699https://github.com/geddy/geddy/releases/tag/v13.0.8https://nodesecurity.io/advisories/geddy-directory-traversal
2015-09-04
Published