CVE-2024-57176
Published: 21 February 2025
Summary
CVE-2024-57176 is a high-severity Incomplete Model of Endpoint Features (CWE-437) vulnerability in Antabot White-Jotter. Its CVSS base score is 7.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 36.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-4 (Information Flow Enforcement).
Deeper analysis
CVE-2024-57176 is a directory traversal vulnerability in the shiroFilter function of the White-Jotter project version 0.2.2. The issue enables attackers to access sensitive endpoints via a crafted URL. It carries a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L) and is classified under CWE-437.
The vulnerability can be exploited remotely by an attacker with low privileges over the network with low attack complexity and no user interaction required. Successful exploitation allows directory traversal to reach sensitive endpoints, resulting in high confidentiality impact through unauthorized data access, along with low-level integrity modification and availability disruption.
The referenced advisory at https://github.com/DYX217/Incorrect-Access-Control provides further details on this incorrect access control issue.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-4488
Vulnerability details
An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability enables directory traversal to bypass Shiro authentication filters and access sensitive admin endpoints (e.g., /api/admin/content/article) in the public-facing White-Jotter web application, facilitating exploitation of public-facing applications.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Enforces approved authorizations to directly prevent directory traversal that bypasses access controls to sensitive endpoints.
Validates information inputs such as crafted URLs to block directory traversal payloads before they reach sensitive endpoints.
Enforces information flow controls to restrict unauthorized traversal between directories and sensitive endpoints.