cbcvebase.
CVE-2024-51483
published 2024-11-01

CVE-2024-51483: changedetection.io is free, open source web page change detection software. Prior to version 0.47.5, when a WebDriver is used to fetch files…

Priority P348 · medium · 6.9 (CVSS 4.0)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 2.29% (81.0th percentile)
changedetection.io is free, open source web page change detection software. Prior to version 0.47.5, when a WebDriver is used to fetch files, `source:file:///etc/passwd` can be used to retrieve local system files, where the more traditional `file:///etc/passwd` gets blocked. Version 0.47.5 fixes the issue.
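As an added illustration (not changedetection.io's own code; the prefix handling below is an assumption about how a `source:` watch URL is parsed), the weakness described above in miniature: a blocklist matched against the raw watch string never sees past the `source:` prefix, while a scheme allowlist applied to the URL the fetcher will actually load does.

```python
from urllib.parse import urlsplit

# Assumption: the watch URL may carry a leading "source:" prefix meaning
# "watch the raw source" (as in the advisory). Only http(s) targets are
# acceptable for a remote fetcher; everything else is rejected.
SOURCE_PREFIX = "source:"
ALLOWED_SCHEMES = {"http", "https"}


def naive_is_blocked(url: str) -> bool:
    """Blocklist on the raw string, the pattern the advisory describes:
    'file:///etc/passwd' is caught, 'source:file:///etc/passwd' is not,
    because the prefix check never reaches the inner scheme."""
    return url.lower().startswith("file://")


def strip_source_prefix(url: str) -> str:
    """Normalise first: peel every leading 'source:' (any case) so the
    policy decision is made on the effective URL, not the wrapper."""
    url = url.strip()
    while url.lower().startswith(SOURCE_PREFIX):
        url = url[len(SOURCE_PREFIX):].strip()
    return url


def hardened_is_allowed(url: str) -> bool:
    """Allowlist the scheme of the effective URL and require a host, so
    local schemes (file:, and anything else unexpected) are refused."""
    parts = urlsplit(strip_source_prefix(url))
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)


if __name__ == "__main__":
    # Constructed sample watch URLs, including the advisory's bypass form.
    for candidate in ("https://example.com/page",
                      "source:https://example.com/page",
                      "file:///etc/passwd",
                      "source:file:///etc/passwd"):
        print(f"{candidate:35} naive_blocked={naive_is_blocked(candidate)!s:5} "
              f"hardened_allowed={hardened_is_allowed(candidate)}")
```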

Affected (2 ranges)

Vendor    Product              Version range     Fixed in
dgtlmoon  changedetection.io   < 0.47.5          0.47.5
dgtlmoon  changedetection.io   >= 0, < 0.47.5    0.47.5

Detection & IOCs

path: /preview/{{uuid}}
other: contains(body,'root:x:0')
  • Detection via nuclei-style template: fetch the /preview/<uuid> endpoint and check the response body for the string 'root:x:0', which indicates a successful /etc/passwd read
  • The Nuclei template matches on an HTTP 200 response with content-type text/html and a body containing 'root:x:0' to confirm exploitation