6.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2018-3713

GHSA ID

GHSA-4rvg-955w-h68q

EPSS Score

0.70275%

CWE

CWE-22

Published

7/26/2018

Updated

3/1/2023

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2018-3713

CVE-2018-3713: Path Traversal in angular-http-server

Affected versions of angular-http-server are vulnerable to path traversal allowing a remote attacker to read files from the server that uses angular-http-server.

Recommendation

Update to version 1.6.0 or later.

:exclamation: Note: This was originally thought to be fixed in version 1.4.3, though according to this issue the vulnerability was not completely fixed until version 1.6.0.

(GitHub Advisory)

6.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2018-3713

GHSA ID

GHSA-4rvg-955w-h68q

EPSS Score

0.70275%

CWE

CWE-22

Published

7/26/2018

Updated

3/1/2023

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
angular-http-server	npm	< 1.6.0	1.6.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The path traversal vulnerability stems from two key flaws: (1) resolveUrl's reliance on simple '..' string checks without URL decoding, and (2) requestListener's unsafe path construction using untrusted input. The commit in PR #21 replaced these with a secure path resolution function (getFilePathFromUrl) that properly validates absolute paths and handles edge cases, confirming the original functions' inadequacy. The combination of insufficient validation in resolveUrl and improper normalization in requestListener allowed attackers to escape the restricted directory.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*****t** v*rsions o* `*n*ul*r-*ttp-s*rv*r` *r* vuln*r**l* to p*t* tr*v*rs*l *llowin* * r*mot* *tt**k*r to r*** *il*s *rom t** s*rv*r t**t us*s `*n*ul*r-*ttp-s*rv*r`. ## R**omm*n**tion Up**t* to v*rsion *.*.* or l*t*r. :*x*l*m*tion: Not*: T*is w*s

Reasoning

T** p*t* tr*v*rs*l vuln*r**ility st*ms *rom two k*y *l*ws: (*) `r*solv*Url`'s r*li*n** on simpl* '..' strin* ****ks wit*out URL ***o*in*, *n* (*) `r*qu*stList*n*r`'s uns*** p*t* *onstru*tion usin* untrust** input. T** *ommit in PR #** r*pl**** t**s*

6.5

Basic Information

Concerned about an active attack path?

CVE-2018-3713: Path Traversal in angular-http-server

Recommendation

6.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI