HTTP: Grav CMS Page Media Upload Directory Traversal

This signature detects attempts to exploit a known vulnerability against Grav CMS Page Media. A successful attack can lead to directory traversal and arbitrary code execution.

Extended Description

Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in versions of the application prior to 1.7.45, enabling attackers to replace or create files with extensions such as .json, .zip, .css and .gif. This critical flaw poses severe risks: it can allow attackers to inject arbitrary code on the server, undermine the integrity of backup files by overwriting existing files or creating new ones, and exfiltrate sensitive data using CSS exfiltration techniques. Upgrading to the patched version 1.7.45 mitigates the issue.
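The class of bug described above is a client-supplied upload filename that is joined onto the page's media directory without being confined to it. The following is an added illustration of the server-side check that prevents that, not Grav's own code or its patch; the media directory, the extension allow-list and the sample filenames are constructed for the example.

```python
import os
import posixpath
from typing import Optional
from urllib.parse import unquote

# Constructed values for the example; neither is Grav's real configuration.
MEDIA_ROOT = "/var/www/grav/user/pages/01.home"
ALLOWED_EXT = {".png", ".jpg", ".jpeg", ".gif", ".pdf", ".mp4"}


def resolve_upload_target(media_root: str, client_filename: str) -> Optional[str]:
    """Return the canonical destination path for an uploaded file, or None if
    the client-supplied name would escape media_root or carries an extension
    that is not on the allow-list."""
    # Decode twice so a double-encoded "%252e%252e" is not smuggled past a
    # single-decode check further down.
    name = unquote(unquote(client_filename))
    if name in ("", ".", "..") or "\x00" in name:
        return None
    # Only a bare basename is acceptable: any directory component, forward
    # or backslash, means the client is trying to choose the directory.
    base = posixpath.basename(name.replace("\\", "/"))
    if base != name:
        return None
    # Extension allow-list: the page lists .json/.zip/.css as abused targets,
    # so only media types the page media directory is meant to hold pass.
    if posixpath.splitext(base)[1].lower() not in ALLOWED_EXT:
        return None
    # Final containment check on the normalised absolute path.
    target = os.path.normpath(os.path.join(media_root, base))
    if os.path.commonpath([media_root, target]) != media_root:
        return None
    return target


if __name__ == "__main__":
    # Constructed sample filenames, as a form handler might receive them.
    for fname in ("logo.png", "../../config/system.json",
                  "..%2F..%2Fbackup.zip", "%252e%252e%252fevil.gif", "theme.css"):
        print(f"{fname!r:32} -> {resolve_upload_target(MEDIA_ROOT, fname)}")
```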

Affected Products

Getgrav grav

References

CVE: CVE-2024-27921

Short Name
HTTP:DIR:GRAV-CMS-PAGE-MEDIA
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CMS CVE-2024-27921 Directory Grav Media Page Traversal Upload
Release Date
05/03/2024
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3771
False Positive
Unknown
Vendors

Getgrav
