Main Vulnerability Database SB2017060209

SB2017060209 - Directory traversal in Next.js 2.0

Published: June 2, 2017 Updated: September 1, 2021

Security Bulletin ID SB2017060209

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Path traversal (CVE-ID: N/A)

The vulnerability allows a remote attacker to view contest of arbitrary files on the system.

The vulnerability exists due to insufficient input validation when processing requests sent to /_next</code> and <code>/static namespaces. A remote attacker can send a specially crafted HTTP GET request, containing directory traversal sequences and view contest of arbitrary files on the system.

Exploitation example:

http://[host]/_next\..\..\..\..\..\..\..\..\..\etc\passwd

Remediation

Install update from vendor's website.

References

https://send-patch.now.sh/
http://www.securitylab.ru/blog/personal/raz0r/341958.php