Arbitrary File Write in connect-parse-php

Do your applications use this vulnerable package? Test your applications

Overview

connect-parse-php is a php parsing middleware for grunt-contrib-connect.

Affected versions of the package are vulnerable to Directory Traversal, which may allow access to sensitive files and data on the server. For example, requesting the following url /..%2f..%2fetc/passwd would result in /etc/passwd leak.

Thanks to Liang Gong for disclosing this vulnerability!

Remediation

There is no fix version for connect-parse-php.

References

PoC by Liang Gong

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

Low
Integrity

Low
Availability

Low

Credit: Liang Gong
CWE: CWE-626
Snyk ID: npm:connect-parse-php:20170511
Disclosed: 11 May, 2017
Published: 07 Jun, 2017

Arbitrary File Write
Affecting connect-parse-php package, ALL versions

Overview

Remediation

References

CVSS Score

Arbitrary File Write Affecting connect-parse-php package, ALL versions

Overview

Remediation

References

Arbitrary File Write
Affecting connect-parse-php package, ALL versions