CVE-2024-45241
published 2024-08-26


Priority: P262 · high · 7.5 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 13.62% (96.0th percentile)

A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information.

Detection & IOCs (extracted from sources)

url: /GeneralDocs.aspx?rpt=../../../../Windows/win.ini
path: /GeneralDocs.aspx
  • Detect exploitation attempts by monitoring HTTP requests to /GeneralDocs.aspx containing path traversal sequences (e.g., '../') in the 'rpt' query parameter.
  • Identify exposed CryWolf instances via FOFA using the banner string 'False Alarm Reduction Website'.
  • The vulnerability is unauthenticated and requires no prior access; any unauthenticated HTTP request to the affected endpoint with a traversal payload in 'rpt' is sufficient to exploit it.
  • The exploit is a two-step flow: the first request to /GeneralDocs.aspx triggers the file read, and a second request to /gdoc1.ashx retrieves the file content as a PDF.
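
An added detection sketch for the monitoring guidance above (not part of the original entry or of any vendor tooling): it flags requests to /GeneralDocs.aspx whose 'rpt' value contains a traversal segment after percent-decoding, and marks whether the same client then requested /gdoc1.ashx. The log layout, client addresses and the report name MonthlySummary.rpt are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, unquote

# Constructed IIS-style lines: date time c-ip method uri-stem uri-query status
SAMPLE_LOG = """\
2024-08-27 10:00:01 198.51.100.7 GET /GeneralDocs.aspx rpt=../../../../Windows/win.ini 200
2024-08-27 10:00:02 198.51.100.7 GET /gdoc1.ashx - 200
2024-08-27 10:05:10 203.0.113.20 GET /GeneralDocs.aspx rpt=MonthlySummary.rpt 200
2024-08-27 10:05:11 203.0.113.20 GET /gdoc1.ashx - 200
2024-08-27 10:07:45 192.0.2.33 GET /generaldocs.aspx rpt=%252e%252e%255c%252e%252e%255cWindows%255cwin.ini 200
"""

# ".." as a whole path segment, with either slash direction
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so layered encodings are normalised before matching."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def rpt_has_traversal(query):
    """True if any 'rpt' parameter (name matched case-insensitively) holds a '..' segment."""
    values = [v for k, vs in parse_qs(query, keep_blank_values=True).items() if k.lower() == "rpt" for v in vs]
    return any(TRAVERSAL.search(fully_decode(v)) for v in values)

def scan(log_text):
    """Return one alert per traversal attempt; note a follow-up /gdoc1.ashx hit by the same client."""
    alerts, pending = [], {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 7:
            continue
        client, stem, query = fields[2], fields[4].lower(), fields[5]
        if stem.endswith("/generaldocs.aspx") and rpt_has_traversal(query):
            alert = {"client": client, "query": query, "followed_by_gdoc1": False}
            alerts.append(alert)
            pending[client] = alert
        elif stem.endswith("/gdoc1.ashx") and client in pending:
            pending.pop(client)["followed_by_gdoc1"] = True
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

An alert with followed_by_gdoc1 set deserves priority triage, since it matches the complete two-step flow rather than a probe alone.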