Miggo Logo
Miggo Vulnerability Database
CVE-2021-31800

CVE-2021-31800: Path traversal in impacket

9.8

CVSS Score
3.1

Basic Information

CVE ID
CVE-2021-31800
GHSA ID
GHSA-mj63-64x7-57xf
EPSS Score
0.97115%
CWE
CWE-22
Published
6/18/2021
Updated
9/23/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
impacketpip< 0.9.230.9.23

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from insufficient path validation in file operation functions. The advisory explicitly references line numbers in smbserver.py related to these functions. The fix commit (49c643b) introduced path prefix checks, confirming that these functions previously lacked traversal protection. Functions like openFile used os.path.join with user-controlled filenames, while findFirst2 processed search patterns without sanitization. The high confidence comes from direct code references in advisories and the nature of the vulnerability (CWE-22).

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Multipl* p*t* tr*v*rs*l vuln*r**iliti*s *xist in sm*s*rv*r.py in Imp**k*t ***or* *.*.**. *n *tt**k*r t**t *onn**ts to * runnin* sm*s*rv*r inst*n** **n list *n* writ* to *r*itr*ry *il*s vi* ../ *ir**tory tr*v*rs*l. T*is *oul* pot*nti*lly ** **us** to

Reasoning

T** vuln*r**ility st*ms *rom insu**i*i*nt p*t* v*li**tion in *il* op*r*tion *un*tions. T** **visory *xpli*itly r***r*n**s lin* num**rs in `sm*s*rv*r.py` r*l*t** to t**s* *un*tions. T** *ix *ommit (*******) intro*u*** p*t* pr**ix ****ks, *on*irmin* t*