CVE-2022-48253
Published: 11 January 2023
Summary
CVE-2022-48253 is a critical-severity Path Traversal (CWE-22) vulnerability in Nazgul Nostromo. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 3.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
Nostromo's nhttpd web server before version 2.1 contains a path traversal vulnerability (CWE-22) that is triggered when the homedirs configuration option is enabled. The flaw received a CVSS 3.1 score of 9.8, reflecting network-accessible, unauthenticated exploitation with full impact on confidentiality, integrity, and availability.
An unauthenticated remote attacker can supply crafted requests that traverse directories and ultimately execute arbitrary commands on the underlying server. The attack requires no user interaction and succeeds against any exposed instance using the affected homedirs setting.
The EPSS score reached a peak of 0.3353 with no material subsequent change, indicating moderate and stable exploitation interest following public disclosure. Public references describe proof-of-concept paths from directory traversal to remote code execution but provide no additional mitigation details beyond upgrading to Nostromo 2.1 or later.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-50962
Vulnerability details
nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used.
- CWE(s): CWE-22 (Path Traversal)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.
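As an added illustration of that control (example code written here, not Nostromo's own source or configuration), the C routine below maps a homedirs-style request such as /~user/docs/index.html onto a per-user directory while percent-decoding first, normalising "." and "..", and rejecting anything that would climb above the user's root. The /home/<user>/public_html layout and the function names are assumptions for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
/* Assumed layout for this example (not Nostromo's real config): a request
 * /~<user>/<path> maps to /home/<user>/public_html/<path>. */
static int hexval(char c) {                 /* -1 if c is not a hex digit */
    if (c >= '0' && c <= '9') return c - '0';
    c |= 0x20;                              /* fold A-F to a-f */
    return (c >= 'a' && c <= 'f') ? c - 'a' + 10 : -1;
}
/* Decode %XX in place before any path check, so "%2e%2e" cannot slip past a
 * test for a literal "..". Rejects malformed escapes and an embedded %00. */
static bool url_decode(char *s) {
    char *w = s;
    for (; *s; s++, w++) {
        if (*s != '%') { *w = *s; continue; }
        int hi = hexval(s[1]), lo = hi < 0 ? -1 : hexval(s[2]);
        if (lo < 0 || (hi == 0 && lo == 0)) return false;
        *w = (char)(hi * 16 + lo); s += 2;
    }
    *w = '\0';
    return true;
}
/* Returns 0 and fills out with the mapped path, or -1 if the user name is unsafe
 * or the path would climb above public_html. This is a lexical check only; pair it
 * with a realpath() comparison at open time so a symlink cannot leave the root. */
int resolve_homedir_path(const char *request, char *out, size_t outlen) {
    char buf[1024];
    if (strlen(request) >= sizeof buf) return -1;
    strcpy(buf, request);
    if (!url_decode(buf) || buf[0] != '/' || buf[1] != '~') return -1;
    char *user = buf + 2, *rest = strchr(user, '/');
    if (rest) *rest++ = '\0';               /* split "<user>/<path>" */
    if (!*user || strcmp(user, ".") == 0 || strcmp(user, "..") == 0) return -1;
    const char *stack[64]; int depth = 0, n;
    for (char *tok = rest ? strtok(rest, "/") : NULL; tok; tok = strtok(NULL, "/")) {
        if (strcmp(tok, ".") == 0) continue;
        if (strcmp(tok, "..") == 0) { if (depth == 0) return -1; depth--; continue; }
        if (depth == 64) return -1;
        stack[depth++] = tok;               /* strtok yields no '/' inside tok */
    }
    n = snprintf(out, outlen, "/home/%s/public_html", user);
    for (int i = 0; i < depth && n > 0 && (size_t)n < outlen; i++)
        n += snprintf(out + n, outlen - (size_t)n, "/%s", stack[i]);
    return (n > 0 && (size_t)n < outlen) ? 0 : -1;
}
/* Wrapper for tests: the mapped path (static buffer) or NULL if rejected. */
const char *map_request(const char *req) {
    static char out[1024];
    return resolve_homedir_path(req, out, sizeof out) == 0 ? out : NULL;
}
```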