
CVE-2020-15246: Local File Inclusion by unauthenticated users

CVSS Score (v3.1): 7.5

Basic Information

EPSS Score
0.76979%
Published
11/23/2020
Updated
2/1/2023
KEV Status
No
Technology
PHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Package Name
october/cms
Ecosystem
composer
Vulnerable Versions
>= 1.0.421, < 1.0.469
First Patched Version
1.0.469

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from insufficient validation in the whereFileName method, which handles filename inputs. The patched commit adds a validateFileName() call to this method, indicating it was previously missing critical path traversal checks. This allowed unauthenticated attackers to manipulate the filename parameter to access restricted files via directory traversal. The direct correlation between the vulnerability description (path traversal) and the patched function's added validation confirms this as the primary vulnerable function.
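The missing check the root-cause analysis describes, as an added example that is not October CMS's own code: a filename validator called before a whereFileName()-style lookup touches the disk, with a realpath() containment check as a second layer. The function names, base directory and sample inputs are hypothetical.

```php
<?php
// Added example; not October CMS's own code. Function names, the base
// directory and the sample inputs below are hypothetical.

// Reject anything that could escape the intended directory before the
// name reaches the filesystem. Returns true only for safe relative names.
function validateFileName(string $fileName): bool
{
    // Empty names and embedded null bytes are never valid.
    if ($fileName === '' || strpos($fileName, "\0") !== false) {
        return false;
    }
    // Absolute paths (POSIX, UNC-style or drive-letter) are rejected.
    if ($fileName[0] === '/' || $fileName[0] === '\\'
        || preg_match('#^[A-Za-z]:#', $fileName) === 1) {
        return false;
    }
    // No ".." segment, whichever separator was used.
    foreach (preg_split('#[\\\\/]+#', $fileName) as $segment) {
        if ($segment === '..') {
            return false;
        }
    }
    // Finally, a conservative allow-list of characters.
    return preg_match('#^[A-Za-z0-9_./-]+$#', $fileName) === 1;
}

// A whereFileName()-style lookup with the validation call the patch added,
// plus a realpath() containment check as a second layer of defence.
function findCmsFile(string $baseDir, string $fileName): ?string
{
    if (!validateFileName($fileName)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $fileName);
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

// Constructed sample inputs: one normal theme page, then traversal attempts.
$samples = ['pages/home.htm', '../../config/database.php', '..\\..\\.env',
            "pages/home.htm\0.txt", '/etc/passwd'];
foreach ($samples as $name) {
    printf("%-40s %s\n", var_export($name, true),
        validateFileName($name) ? 'accepted' : 'rejected');
}
```

Only the first sample passes validateFileName(); findCmsFile() additionally refuses any name whose resolved path leaves the base directory even when the string itself looks harmless (for example via a symlink).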

WAF Protection Rules

Impact

An attacker can exploit this vulnerability to read local files on an October CMS server. The vulnerability is exploitable by unauthenticated users via a specially crafted request.

Patches

Issue has been patched in Build 469 (v1.0.469).
