CVE-2023-29478 in BiblioCraftinfo

Summary

by MITRE • 04/07/2023

BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder, which results in code execution.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 12/10/2025

BiblioCraft is a popular minecraft mod that allows players to create custom bookshelves and other furniture items within the game environment. The vulnerability exists in versions prior to 2.4.6 where the mod fails to properly sanitize user input when processing file operations. This flaw specifically affects how the mod handles filename characters that could enable path traversal attacks, allowing malicious actors to manipulate file paths and gain unauthorized access to the underlying filesystem. The vulnerability is particularly concerning because it operates at the file system level rather than just within the game environment, potentially allowing attackers to write files to critical locations including the Minecraft mods directory. This represents a critical security flaw that can be exploited by attackers to install malicious code within the game environment.

The technical implementation of this vulnerability stems from inadequate input validation within the mod's file handling routines. When users create or modify bookshelf configurations, the mod processes user-provided data that includes filenames and directory paths without proper sanitization of special characters such as dots, forward slashes, or backslashes that could be used to traverse directories. This lack of proper sanitization enables attackers to craft malicious filenames that, when processed by the mod, can bypass normal file system access controls. The vulnerability is classified as a path traversal or directory traversal flaw, which is categorized under CWE-22 in the Common Weakness Enumeration framework. Attackers can exploit this by creating specially crafted bookshelf configurations that contain path traversal sequences, allowing them to write files to arbitrary locations on the system.

The operational impact of this vulnerability is severe and directly enables remote code execution within the Minecraft environment. When an attacker successfully exploits this vulnerability, they can place malicious mod files or scripts within the Minecraft mods directory, which will then be loaded and executed by the game client. This creates a persistent backdoor that can be used to gain full control over the system running the game. The vulnerability affects not just the individual user's machine but also any multiplayer environment where the mod is installed, potentially allowing attackers to compromise entire server environments. The attack vector requires minimal privileges since the mod is designed to operate within the game's file system context, making it particularly dangerous in multiplayer scenarios where users may have limited understanding of the underlying security implications. This vulnerability directly maps to techniques described in the MITRE ATT&CK framework under T1059 for command and scripting interpreter and T1547 for registry run keys and startup folder.

Mitigation strategies for this vulnerability require immediate patching to version 2.4.6 or later, which includes proper input sanitization and validation of all file paths. System administrators should also implement additional protective measures such as restricting write permissions on the Minecraft installation directory and the mods folder to prevent unauthorized file modifications. Network-level protections can include monitoring for suspicious file operations and implementing strict file access controls. Users should be educated about the risks of installing untrusted mods and the importance of keeping all software up to date. The vulnerability highlights the importance of proper input validation and the principle of least privilege in software development, where applications should never be granted unnecessary file system permissions. Regular security audits of mod installations and monitoring for unauthorized file modifications can help detect exploitation attempts. Organizations running Minecraft servers should also consider implementing file integrity monitoring solutions to detect any unauthorized modifications to critical game files or mod installations.

Reservation

04/07/2023

Disclosure

04/07/2023

Moderation

accepted

CPE

ready

EPSS

0.01671

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!