CVE-2021-41714
published 2022-05-23

Priority: P277 · medium 6.5 (CVSS 3.1)
Vector: AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:N / A:N
ITW (exploited in the wild): VulnCheck KEV
EPSS: 0.60% (44.4th percentile)
In Tipask < 3.5.9, path parameters entered by the user are not validated when downloading attachments. A registered user can download arbitrary files on the Tipask server, such as .env, /etc/passwd, and laravel.log, causing information leakage.

Affected

1 range

Vendor    Product    Version range    Fixed in
tipask    tipask     < 3.5.9          3.5.9

Detection & IOCs (extracted from sources)

path: .env
path: /etc/passwd
filename: laravel.log
  • Monitor HTTP requests to Tipask attachment download endpoints where path parameters contain directory traversal sequences or references to sensitive files such as .env, /etc/passwd, or laravel.log — these indicate exploitation of the path traversal vulnerability.
  • Exploitation requires an authenticated (registered) user session; correlate suspicious file download requests with recently registered or low-activity accounts to identify potential abuse.
  • GreyNoise reclassified ENV Crawler IPs as having malicious intent; blocking or alerting on IPs tagged as ENV Crawlers in GreyNoise can help detect opportunistic scanning for exposed .env files related to this and similar CVEs.
  • The vulnerability only affects Tipask versions below 3.5.9; verify the installed version before applying detection rules to avoid false positives on patched instances.
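
The first detection point above, as an added example (not taken from this page or from the Tipask project): a scan of web access logs for attachment download requests that carry traversal sequences or the file names listed here. The route in ATTACHMENT_PREFIX is a placeholder, the parameter name f and the log lines are constructed, and the combined log format is assumed.

```python
import re
from urllib.parse import urlsplit, unquote

# Placeholder: set to the attachment download route of your Tipask install.
ATTACHMENT_PREFIX = "/ATTACHMENT-DOWNLOAD-ROUTE"
# File indicators named on this page; traversal sequences are matched separately.
SENSITIVE = (".env", "/etc/passwd", "laravel.log")
TRAVERSAL = re.compile(r"\.\.[/\\]")
# Combined log format: ip ident user [time] "METHOD target PROTO" status size
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (e.g. %252e) so encoded traversal is seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return (ip, status, reasons) for a suspicious attachment request, else None."""
    m = LINE.match(line)
    if not m:
        return None
    ip, target, status = m.groups()
    parts = urlsplit(target)
    if not parts.path.startswith(ATTACHMENT_PREFIX):
        return None
    rest = parts.path[len(ATTACHMENT_PREFIX):] + "?" + parts.query
    haystack = fully_decode(rest).lower()
    reasons = [s for s in SENSITIVE if s in haystack]
    if TRAVERSAL.search(haystack):
        reasons.append("traversal")
    return (ip, int(status), reasons) if reasons else None

def scan(lines):
    """Classify every line; a 200 status on a hit means a file was likely served."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample lines (documentation IP ranges, hypothetical parameter "f").
SAMPLE = [
    '192.0.2.10 - - [23/May/2022:10:00:01 +0000] "GET /ATTACHMENT-DOWNLOAD-ROUTE?f=uploads/report.pdf HTTP/1.1" 200 48211',
    '198.51.100.7 - - [23/May/2022:10:00:05 +0000] "GET /ATTACHMENT-DOWNLOAD-ROUTE?f=..%2f..%2f.env HTTP/1.1" 200 912',
    '198.51.100.7 - - [23/May/2022:10:00:06 +0000] "GET /ATTACHMENT-DOWNLOAD-ROUTE?f=%252e%252e%252flaravel.log HTTP/1.1" 404 0',
    '203.0.113.5 - - [23/May/2022:10:00:09 +0000] "GET /index.php?f=.env HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

Hits with a 200 status deserve review first, and the source IP and timestamp can then be joined against application session records to identify the registered account involved.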

CVSS provenance

nvd        v3.1    6.5    MEDIUM    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd        v2.0    4.0    MEDIUM    AV:N/AC:L/Au:S/C:P/I:N/A:N
vulncheck          7.7    HIGH