Lucene search

K

Veracode Vulnerability DatabaseVERACODE:48383

HistoryAug 06, 2024 - 7:01 a.m.

Path Traversal

2024-08-0607:01:40

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10

nuxt/devtools

path traversal

missing authentication

origin checks

websocket handler

data exfiltration

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

@nuxt/devtools is vulnerable to Path Traversal. The vulnerability is due to missing authentication on the getTextAssetContent RPC function and a lack of Origin checks on the WebSocket handler, allowing attackers to interact with a locally running devtools instance and exfiltrate data.

References

github.com/nuxt/devtools/blob/c4f2b68281203fc3f61ffc97d9c6623fbfde46bb/packages/devtools/src/dev-auth.ts#L14

github.com/nuxt/devtools/blob/c4f2b68281203fc3f61ffc97d9c6623fbfde46bb/packages/devtools/src/server-rpc/assets.ts#L88C48-L88C48

github.com/nuxt/devtools/blob/c4f2b68281203fc3f61ffc97d9c6623fbfde46bb/packages/devtools/src/server-rpc/assets.ts#L96C11-L96C28

github.com/nuxt/devtools/blob/c4f2b68281203fc3f61ffc97d9c6623fbfde46bb/packages/devtools/src/server-rpc/index.ts#L109

github.com/nuxt/devtools/commit/69316c477455332bd2b2037956fa6cfe02610d2f

github.com/nuxt/nuxt/security/advisories/GHSA-rcvg-rgf7-pppv

portswigger.net/web-security/websockets/cross-site-websocket-hijacking

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

Related for VERACODE:48383

cvelist1 github1 nvd1 osv1 vulnrichment1 cve1 nessus3