CVE-2024-42469
Published: 12 August 2024
Summary
CVE-2024-42469 is a critical-severity Path Traversal (CWE-22) vulnerability in openHAB. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 5.5% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
Deeper analysis
openHAB is an open-source home automation platform whose CometVisu visualization add-on, prior to version 4.2.1, exposed unauthenticated file-system endpoints. One of these endpoints accepted updates to existing files and was vulnerable to path traversal (CWE-22), allowing arbitrary file writes on the underlying host without authentication or user interaction. The issue carries a CVSS 3.1 score of 9.8.
An unauthenticated remote attacker can therefore overwrite any file writable by the openHAB process. When the overwritten file is a shell script later executed by the server or an administrator, the attacker obtains remote code execution on the instance.
The project’s security advisory and the referenced commit in openhab-webui indicate that version 4.2.1 contains the fix; administrators are advised to upgrade the CometVisu add-on to that release. The EPSS score has remained flat at 0.1382 since disclosure, providing no evidence of increasing exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-2569
Vulnerability details
openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, CometVisu's file system endpoints don't require authentication and additionally the endpoint to update an existing file is susceptible to path traversal.
This makes it possible for an attacker to overwrite existing files on the openHAB instance. If the overwritten file is a shell script that is executed at a later time, this vulnerability can allow remote code execution by an attacker. Users should upgrade to version 4.2.1 to receive a patch.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely Mitigating Controls (AI-derived)
Per-CVE control mapping has not run yet for this CVE; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Validates pathnames and filenames to prevent traversal outside intended directories.
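The control above, shown as an added example that is not taken from the openHAB or CometVisu code base: a file-update handler that canonicalises the requested name with realpath and refuses anything that resolves outside its base directory, including the string-prefix pitfall where a sibling directory shares the base's name. Directory names, file names and contents in `demo()` are constructed for the illustration.

```python
import os
import tempfile
from pathlib import Path

class PathTraversalError(ValueError):
    """Raised when a requested file name resolves outside the base directory."""

def resolve_within(base_dir: str, requested: str) -> Path:
    """Map an untrusted file name onto a path strictly inside base_dir.

    realpath on both sides defeats '..' and symlink escapes; containment is
    checked component-wise, so '/srv/data2' is not mistaken for a child of
    '/srv/data' the way a string-prefix check would be.
    """
    base = Path(os.path.realpath(base_dir))
    if os.path.isabs(requested):
        raise PathTraversalError(f"absolute path rejected: {requested!r}")
    candidate = Path(os.path.realpath(base / requested))
    if candidate != base and base not in candidate.parents:
        raise PathTraversalError(f"path escapes base directory: {requested!r}")
    return candidate

def update_existing_file(base_dir: str, requested: str, content: bytes) -> Path:
    """Overwrite an existing regular file inside base_dir; never create new ones."""
    target = resolve_within(base_dir, requested)
    if not target.is_file():
        raise FileNotFoundError(f"no existing file at {requested!r}")
    target.write_bytes(content)
    return target

def demo() -> dict:
    """Constructed scenario: one legitimate update and two escape attempts."""
    base = tempfile.mkdtemp(prefix="cv-base-")
    sibling = base + "2"  # a directory that shares base as a string prefix
    os.mkdir(sibling)
    Path(base, "config.xml").write_bytes(b"<pages/>")
    Path(sibling, "startup.sh").write_bytes(b"#!/bin/sh\n")
    out = {}
    update_existing_file(base, "config.xml", b"<pages version='2'/>")
    out["legit_update"] = Path(base, "config.xml").read_bytes() == b"<pages version='2'/>"
    escape = os.path.relpath(Path(sibling, "startup.sh"), base)  # '../cv-base-...2/startup.sh'
    for label, name in (("dotdot_sibling", escape), ("absolute", "/etc/hostname")):
        try:
            update_existing_file(base, name, b"changed")
            out[label] = "accepted"
        except PathTraversalError:
            out[label] = "blocked"
    out["sibling_untouched"] = Path(sibling, "startup.sh").read_bytes() == b"#!/bin/sh\n"
    return out
```

The same resolver should sit in front of every file-system endpoint, and the endpoints themselves still need authentication; path validation alone does not address the unauthenticated access described in the advisory.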