CVE-2021-33807
published 2021-07-12CVE-2021-33807: Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
PriorityP262high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
14.11%
96.1th percentile
Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gespage | gespage | <= 8.2.1 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →HTTP GET request to the vulnerable endpoint with directory traversal sequences in the 'file_name' parameter targeting Windows system files (e.g., NetSetup.log) indicates active exploitation.
- →Response body containing 'NetpDoDomainJoin:' confirms successful directory traversal and file read from the Windows host.
- →Response Content-Type header of 'application/octet-stream' on the doDownloadData endpoint is a secondary indicator of successful file exfiltration via traversal.
- →Monitor for HTTP 200 responses to requests on /gespage/doDownloadData or /gespage/webapp/doDownloadData containing traversal sequences (e.g., '../') in the file_name query parameter.
- ·The traversal payload shown targets Windows hosts specifically (Windows/debug/NetSetup.log); detection rules should also account for Linux/Unix path traversal variants (e.g., /etc/passwd) against the same endpoints.
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Cartadis Gespage 8.2.1 - Directory Traversal
nuclei·CVSS 7.5
CVE-2021-33807 [HIGH] Cartadis Gespage 8.2.1 - Directory Traversal
Cartadis Gespage 8.2.1 - Directory Traversal
Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
Template:
id: CVE-2021-33807
info:
name: Cartadis Gespage 8.2.1 - Directory Traversal
author: daffainfo
severity: high
description: Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
impact: |
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, potential data leakage, and further compromise of the system.
remediation: |
Apply the latest security patch or update provided by the vendor to fix the directory traversal vulnerability in Cartadis Gespage 8.2.1.
reference:
- https://www.on-x.com/sites/default/files/on-x_
https://support.gespage.com/fr/support/solutions/articles/14000130201-security-advisory-gespage-directory-traversalhttps://www.cartadis.com/gespage-website/https://www.gespage.comhttps://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_gespage_-_cve-2021-33807.pdfhttps://support.gespage.com/fr/support/solutions/articles/14000130201-security-advisory-gespage-directory-traversalhttps://www.cartadis.com/gespage-website/https://www.gespage.comhttps://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_gespage_-_cve-2021-33807.pdf
2021-07-12
Published