
CVE-2023-40297: Stakater Forecastle has a directory traversal vulnerability

CVSS Score (v3.1): 7.5

Basic Information

EPSS Score: 0.84039%
Published: 5/15/2024
Updated: 5/16/2024
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name: github.com/stakater/Forecastle
Ecosystem: go
Vulnerable Versions: <= 1.0.139
First Patched Version: none listed

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability is improper path sanitization of URL-encoded backslashes (%5C) in the website component. The reported attack vector shows that unsanitized URL paths are used to access files (e.g., /%5C../etc/passwd). In Go web applications, static file handlers (often built on http.ServeFile or http.Dir) are the usual location for this class of flaw. The function name and path are inferred from standard project structures and from the nature of the vulnerability, since the static file controller is the component responsible for serving web assets. Confidence is high because the pattern matches classic path traversal flaws in file-serving handlers that do not normalize both forward and backward slashes after URL decoding.
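A hardened Go path check for the pattern described above, added here as an example and not Forecastle's own code: SafeAssetPath and TraversalGuard are assumed names, the sample paths are constructed, and the check assumes a single static asset directory.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"path"
	"strings"
)

// SafeAssetPath maps the escaped request path to a cleaned, root-relative
// asset path (hypothetical hardening, not Forecastle's code; it assumes one
// static directory). Decoding runs before normalization, so %5C becomes a
// literal backslash and %2E%2E becomes ".." before either is checked.
func SafeAssetPath(rawPath string) (string, error) {
	decoded, err := url.PathUnescape(rawPath)
	if err != nil {
		return "", fmt.Errorf("bad percent-encoding: %w", err)
	}
	// A backslash is a separator on Windows and a path.Clean bypass elsewhere.
	normalized := strings.ReplaceAll(decoded, `\`, "/")
	// Refuse ".." outright rather than letting Clean absorb it silently.
	for _, seg := range strings.Split(normalized, "/") {
		if seg == ".." {
			return "", fmt.Errorf("path %q escapes the web root", rawPath)
		}
	}
	// Clean against a virtual root, then hand back a root-relative path.
	return strings.TrimPrefix(path.Clean("/"+normalized), "/"), nil
}

// TraversalGuard rejects offending requests before the file handler runs.
// EscapedPath keeps %5C visible to the check exactly as the client sent it.
func TraversalGuard(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if _, err := SafeAssetPath(r.URL.EscapedPath()); err != nil {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	// Constructed samples: one traversal attempt and one legitimate asset.
	for _, p := range []string{"/%5C../etc/passwd", "/static//css/./site.css"} {
		rel, err := SafeAssetPath(p)
		fmt.Printf("%-26s -> %q, %v\n", p, rel, err)
	}
}
```

Wrap the static handler as TraversalGuard(http.FileServer(http.Dir(assetDir))) and log the rejections, since each one is a traversal attempt worth alerting on.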

Vulnerable functions

Only Miggo users can see this section.

WAF Protection Rules

WAF Rule

Stakater Forecastle 1.0.139 and before allows %5C../ directory traversal in the website component.
