CVE-2023-39141
Published 2023-08-22
CVE-2023-39141: webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.
Priority P353 · high · 7.5 · CVSS 3.1
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 3.05% (85.9th percentile)
Detection & IOCs (extracted from sources)
path: /../../../../etc/passwd
yara: contains(body_1, "Aria2 WebUI") AND regex("root:x:0:0:", body_2)
- Fingerprint vulnerable Aria2 WebUI instances by checking for 'Aria2 WebUI' in the base URL response body, then attempt path traversal to /../../../../etc/passwd and match 'root:x:0:0:' in the response.
- Search for exposed Aria2 WebUI instances using Shodan query: title:"Aria2 WebUI" or http.title:"aria2 webui"; FOFA: title="aria2 webui"; Google: intitle:"aria2 webui".
- The vulnerability exists in the node-server.js file of webui-aria2 at commit 4fe2e; review path handling logic at node-server.js line 10.
- The path traversal payload uses relative traversal sequences (../../../../etc/passwd); depth may need adjustment depending on server working directory depth.
- Exploitation requires no authentication (PR:N, UI:N per CVSS), making this vulnerability trivially exploitable against any exposed instance.
- High EPSS score (0.85587, 99.37th percentile) indicates this CVE is very likely being actively exploited in the wild.
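One way to contain request paths in a small Node static file server such as the node-server.js named above. This is an added example, not code from webui-aria2 or its fix; the function name, the index.html default and the sample requests are assumptions constructed for illustration.

```javascript
// Added example (hypothetical helper, not webui-aria2 code).
// Maps a request URL to a path relative to the served directory,
// or returns null when the request must be refused.
function safeRelativePath(rawUrl) {
  // Only the path part names a file; drop query string and fragment.
  const pathPart = rawUrl.split(/[?#]/, 1)[0];
  let decoded;
  try {
    decoded = decodeURIComponent(pathPart); // %2e%2e%2f becomes ../ before any check
  } catch {
    return null; // malformed percent-encoding
  }
  // NUL bytes and backslashes have no place in a static asset path.
  if (decoded.includes("\0") || decoded.includes("\\")) return null;
  // A second layer of encoding survives one decode; refuse it outright.
  if (/%[0-9a-f]{2}/i.test(decoded)) return null;

  const kept = [];
  for (const segment of decoded.split("/")) {
    if (segment === "" || segment === ".") continue;
    if (segment === "..") {
      // Popping past the top of the served directory means leaving it.
      if (kept.length === 0) return null;
      kept.pop();
    } else {
      kept.push(segment);
    }
  }
  // Assumption: the directory index is index.html.
  return kept.length ? kept.join("/") : "index.html";
}

// Constructed sample requests: two ordinary ones, the rest traversal attempts.
const CONSTRUCTED_REQUESTS = [
  "/",
  "/js/app.js?v=1",
  "/css/../index.html",
  "/../../../../etc/passwd",
  "/%2e%2e/%2e%2e/etc/passwd",
  "/%252e%252e/etc/passwd",
];
for (const url of CONSTRUCTED_REQUESTS) {
  const rel = safeRelativePath(url);
  console.log(url, "->", rel === null ? "403 refused" : "serve " + rel);
}
```

The returned value contains no `..` segments, so joining it onto the served directory cannot produce a path outside that directory; a null result should be answered with 403 and logged.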
OSV
osv · 2023-08-22
CVE-2023-39141 [HIGH] webui-aria2 Path Traversal vulnerability
webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.
GHSA
ghsa · 2023-08-22
CVE-2023-39141 [HIGH] CWE-22 webui-aria2 Path Traversal vulnerability
webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.
No detection rules found.
Nuclei
nuclei · CVSS 7.5
CVE-2023-39141 [HIGH] Aria2 WebUI - Path traversal
webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.
Template:
id: CVE-2023-39141

info:
  name: Aria2 WebUI - Path traversal
  author: DhiyaneshDk
  severity: high
  description: |
    webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.
  impact: |
    An attacker can access sensitive files on the server, potentially leading to unauthorized disclosure of sensitive information.
  remediation: |
    Upgrade to the latest version of Aria2 WebUI to fix the path traversal vulnerability.
  reference:
    - https://twitter.com/win3zz/status/1694239332465520684
    - https://gist.github.com/JafarAkhondali/528fe6c548b78f454911fb866b23f66e
    - https://github.com/ziahamza/webui-aria2/blob/109903f0e2774cf948698cd95a01f77f33d7dd2c/node-server.js
No writeups or analysis indexed.
- https://gist.github.com/JafarAkhondali/528fe6c548b78f454911fb866b23f66e
- https://github.com/ziahamza/webui-aria2/blob/109903f0e2774cf948698cd95a01f77f33d7dd2c/node-server.js#L10
2023-08-22: Published