CVE-2017-15363
Published 2017-10-15
Priority P2 · 76 · High · CVSS 3.1: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploited in the wild (ITW exploit; listed in VulnCheck KEV)
EPSS: 13.65% (96.0th percentile)
Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aoe | restler | >= 0 < 1.7.1 | 1.7.1 |
| luracast | restler | < 1.7.1 | 1.7.1 |
| luracast | restler | < 3.0.0 | 3.0.0 |
| luracast | restler | >= 0 < 3.1.0 | 3.1.0 |
Detection & IOCs (extracted from sources)
Probe URL (Nuclei-style {{BaseURL}} placeholder): {{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php
- Request side: look for GET requests to getsource.php whose 'file' parameter contains directory traversal sequences (e.g. '../') pointing at LocalConfiguration.php or other sensitive files.
- Response side: a successful exploitation response (HTTP 200) contains PHP config keywords in the body: '<?php', "'host'", "'database'", "'extConf'", "'debug'", which indicates disclosure of TYPO3's LocalConfiguration.php.
- Scope caveat: the path above is specific to the TYPO3 extension layout under typo3conf/ext/restler/, so it only matches TYPO3 sites running the restler extension before 1.7.1. The vulnerable script itself ships in the Restler library's public/examples directory, so a standalone Restler deployment through 3.0.0 that exposes that directory is reachable under its own document-root-relative path instead.
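The two indicators above (traversal in the file parameter on the request side, config markers in a 200 body on the response side) turned into a runnable log check. This is an added example written for this page, not a rule from any of the sources listed here; the log lines, addresses and the LocalConfiguration.php body are constructed samples, and the repeated percent-decoding and backslash folding are this example's own normalisation choices rather than behaviour the advisory describes.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines in combined format, written for this example
# (not captured traffic). Two of the three attempts use percent-encoded or
# backslash traversal so the detector has to normalise before matching.
SAMPLE_LOG = """\
203.0.113.7 - - [26/Nov/2023:10:01:02 +0000] "GET /typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php HTTP/1.1" 200 1842
203.0.113.7 - - [26/Nov/2023:10:01:05 +0000] "GET /typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=%2e%2e%2f%2e%2e%2fLocalConfiguration.php HTTP/1.1" 200 1842
203.0.113.9 - - [26/Nov/2023:10:02:11 +0000] "GET /typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=..%5c..%5cwindows%5cwin.ini HTTP/1.1" 404 210
198.51.100.4 - - [26/Nov/2023:10:03:00 +0000] "GET /typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=Say.php HTTP/1.1" 200 512
198.51.100.5 - - [26/Nov/2023:10:04:00 +0000] "GET /index.php?id=1 HTTP/1.1" 200 9000
"""

# Constructed stand-in for a leaked TYPO3 LocalConfiguration.php body.
SAMPLE_BODY = """<?php
return [
    'DB' => ['Connections' => ['Default' => ['host' => 'db', 'database' => 'typo3']]],
    'EXT' => ['extConf' => []],
    'SYS' => ['debug' => 0],
];
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Response markers from the indicator above; the check requires all of them.
CONFIG_MARKERS = ("<?php", "'host'", "'database'", "'extConf'", "'debug'")


def normalize(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable (bounded) and fold backslashes to '/'.

    PHP decodes the query string once; the extra rounds exist so that
    double-encoded attempts are still reported as attempts, not because
    they would traverse on the server.
    """
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")


def is_traversal(value: str) -> bool:
    """True when any path segment of the normalised value is '..'."""
    return ".." in normalize(value).split("/")


def detect_getsource_traversal(log_text: str) -> list[dict]:
    """Return one record per GET to getsource.php whose file= traverses."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        target = urlsplit(m["target"])
        if not target.path.endswith("/getsource.php"):
            continue
        # parse_qs already applies one round of percent-decoding.
        for file_param in parse_qs(target.query, keep_blank_values=True).get("file", []):
            if is_traversal(file_param):
                hits.append({
                    "ip": m["ip"],
                    "ts": m["ts"],
                    "file": file_param,
                    "normalized": normalize(file_param),
                    "status": int(m["status"]),
                })
    return hits


def looks_like_local_configuration(body: str) -> bool:
    """Response-side check: does the body read like TYPO3 LocalConfiguration.php?"""
    return all(marker in body for marker in CONFIG_MARKERS)


if __name__ == "__main__":
    for hit in detect_getsource_traversal(SAMPLE_LOG):
        # A 200 alongside a traversal is the disclosure case; a 404 still
        # records an attempt from that source address.
        print(hit["ip"], hit["status"], hit["normalized"])
    print("body matches LocalConfiguration.php:", looks_like_local_configuration(SAMPLE_BODY))
```

Point it at a real access log by replacing SAMPLE_LOG. A 200 on a traversal hit is the disclosure case; pairing it with the response-side check needs the body from a proxy or WAF capture, which an access log alone does not carry.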
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| NVD | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| VulnCheck | | 7.5 | HIGH | |
OSV
Luracast Restler directory traversal vulnerability (osv · 2022-05-13 · HIGH)
GHSA
Luracast Restler directory traversal vulnerability (ghsa · 2022-05-13 · HIGH · CWE-22)
VulnCheck
luracast restler Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (vulncheck · 2017 · CVSS 7.5 · HIGH)
Affected: luracast restler
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2023-11-26&host_type=src&vulnerability=cve-2017-15363; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-01-03&host_type=src&vulnerability=c
No detection rules found.
Nuclei
Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion (nuclei · CVSS 7.5 · HIGH)
Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 is susceptible to local file inclusion in public/examples/resources/getsource.php. This could allow remote attackers to read arbitrary files via the file parameter.
Note that the template's title names Restler 3.0.1 and extension 1.7.1, whereas the affected ranges above record 1.7.1 (and 3.0.0/3.1.0) as the fixed versions, and that the flaw is an arbitrary file read (CWE-22), not code inclusion, despite the "Local File Inclusion" label.
Template (the indexed copy ends at the empty remediation field; the request and matcher sections are not shown):
```yaml
id: CVE-2017-15363

info:
  name: Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion
  author: 0x_Akoko
  severity: high
  description: Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 is susceptible to local file inclusion in public/examples/resources/getsource.php. This could allow remote attackers to read arbitrary files via the file parameter.
  impact: |
    The vulnerability allows an attacker to include local files, potentially leading to unauthorized access or code execution.
  remediation:
```
No writeups or analysis indexed.