CVE-2021-43788
published 2021-11-29CVE-2021-43788: Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files…
PriorityP338medium5CVSS 3.1
AVNACLPRLUINSCCLINAN
EPSS
25.84%
97.7th percentile
Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nodebb | nodebb | — | — |
| nodebb | nodebb | >= 1.0.4 < 1.18.5 | 1.18.5 |
| nodebb | nodebb | 1.0.4 – 1.18.4 | — |
CVSS provenance
nvdv3.15.0MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
NodeBB vulnerable to path traversal in translator module
osv·2021-11-30
CVE-2021-43788 [MEDIUM] NodeBB vulnerable to path traversal in translator module
NodeBB vulnerable to path traversal in translator module
### Impact
Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory.
### Patches
The vulnerability has been patched as of v1.18.5.
### Workarounds
Cherry-pick commit hash `c8b2fc46dc698db687379106b3f01c71b80f495f` to receive this patch in lieu of a full upgrade.
### For more information
If you have any questions or comments about this advisory:
* Email us at [[email protected]](mailto:[email protected])
GHSA
NodeBB vulnerable to path traversal in translator module
ghsa·2021-11-30
CVE-2021-43788 [MEDIUM] CWE-22 NodeBB vulnerable to path traversal in translator module
NodeBB vulnerable to path traversal in translator module
### Impact
Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory.
### Patches
The vulnerability has been patched as of v1.18.5.
### Workarounds
Cherry-pick commit hash `c8b2fc46dc698db687379106b3f01c71b80f495f` to receive this patch in lieu of a full upgrade.
### For more information
If you have any questions or comments about this advisory:
* Email us at [[email protected]](mailto:[email protected])
Suricata
ET EXPLOIT NodeBB Path Traversal (CVE-2021-43788)
suricata·2021-12-06·CVSS 5.0
CVE-2021-43788 [MEDIUM] ET EXPLOIT NodeBB Path Traversal (CVE-2021-43788)
ET EXPLOIT NodeBB Path Traversal (CVE-2021-43788)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT NodeBB Path Traversal (CVE-2021-43788)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"nodebb|2e|org|2f 3f 5b 5b 2e 2e 2f|"; nocase; fast_pattern; content:"|3a|"; content:"|5d 5d|"; within:50; endswith; reference:url,blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot; reference:cve,2021-43788; classtype:attempted-admin; sid:2034590; rev:2; metadata:created_at 2021_12_06, cve CVE_2021_43788, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_03_24, mitre_tactic_id TA0007, mitre_tactic_name Discovery, mitre_technique_id T1083, mit
No public exploits indexed.
No writeups or analysis indexed.
https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495fhttps://github.com/NodeBB/NodeBB/releases/tag/v1.18.5https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgmhttps://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495fhttps://github.com/NodeBB/NodeBB/releases/tag/v1.18.5https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm
2021-11-29
Published