Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-30451: Path Traversal in Cms-core

CWE-22: Path Traversal | 5 documents | 5 sources
Severity: 4.9 MEDIUM (NVD)
EPSS: 0.4% (top 39.06%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Affected products
Timeline
Published: Dec 25
Latest update: Mar 18

Description

In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF].

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.2 | Impact: 3.6

Affected Packages (2 packages)

Packagist: typo3/cms-core 8.0.0 8.7.57 +5
NVD: typo3/typo3 11.5.24

🔴 Vulnerability Details (3)

GHSA: Path Traversal in TYPO3 File Abstraction Layer Storages, 2024-02-13
OSV: Path Traversal in TYPO3 File Abstraction Layer Storages, 2024-02-13
CVEList: CVE-2023-30451: In TYPO3 11, 2023-12-25

💥 Exploits & PoCs (1)

Exploit-DB: TYPO3 11.5.24 - Path Traversal (Authenticated), 2024-03-18