CVE-2024-30851
Published: 03 May 2024
Summary
CVE-2024-30851 is a medium-severity Path Traversal (CWE-22) vulnerability in Codesiddhant Jasmin-Ransomware. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked in the top 1.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2024-30851 is a directory traversal vulnerability (CWE-22) affecting the download_file.php component in codesiddhant Jasmin Ransomware version 1.0.1. The flaw received a CVSS 3.1 base score of 6.5 and permits unauthorized access to files outside the intended directory scope.
Unauthenticated remote attackers can exploit the issue over the network with low attack complexity to read or modify limited sensitive information on the affected system. No user interaction or privileges are required, enabling straightforward retrieval or alteration of files through manipulated path parameters in requests to the vulnerable PHP endpoint.
Public references consist of a proof-of-concept exploit and the original ransomware repository on GitHub; no vendor advisories or official patches are listed. The EPSS score stands at 0.7569 with no material change from its recorded peak, indicating sustained but not newly emerging exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-28769
Vulnerability details
Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an attacker to obtain sensitive information via the download_file.php component.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Directory traversal in download_file.php enables pre-auth arbitrary file reads (T1190), facilitating collection of data from local system (T1005), file and directory discovery (T1083), and unsecured credentials in files like decryption keys (T1552.001).
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.