CVE-2024-57451 in ChestnutCMS

Summary

by MITRE • 02/03/2025

ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller.FileController#getFileList, which allows attackers to view any directory.


Analysis

by VulDB Data Team • 06/29/2025

The vulnerability identified as CVE-2024-57451 affects ChestnutCMS versions 1.5.0 and earlier, presenting a critical directory traversal flaw within the contentcore.controller.FileController component. This vulnerability specifically manifests in the getFileList method, which fails to properly validate or sanitize user-supplied input parameters. Attackers can exploit this weakness by crafting malicious requests that manipulate directory path parameters, enabling them to traverse the file system and access directories that should remain restricted. The flaw stems from inadequate input validation mechanisms that allow arbitrary path navigation beyond the intended application boundaries. This type of vulnerability falls under CWE-22, which categorizes improper limitation of a pathname to a restricted directory, commonly known as path traversal or directory traversal attacks.

The operational impact of this vulnerability is severe, as it provides attackers with unauthorized access to the underlying file system of the affected CMS installation. An attacker could potentially access sensitive configuration files, database credentials, application source code, user data, and other confidential information stored on the server. The vulnerability enables read-only access to arbitrary directories, which could lead to information disclosure and further compromise of the system. In environments where ChestnutCMS is deployed with elevated privileges or contains sensitive data, this vulnerability could serve as a foothold for more sophisticated attacks. The attack vector is relatively straightforward, requiring only a properly crafted HTTP request that manipulates the file path parameter to access directories outside the intended scope.

Security practitioners should prioritize immediate mitigation of this vulnerability through patching the application to the latest version that addresses the directory traversal issue. Organizations using affected versions should implement network-level restrictions and access controls to limit exposure to this vulnerability. The ATT&CK framework categorizes this vulnerability under T1083 - File and Directory Discovery, which represents the techniques attackers use to enumerate file systems and identify sensitive data locations. Additionally, this vulnerability aligns with T1566 - Phishing, as attackers may use information obtained through directory traversal to craft more targeted social engineering campaigns. The vulnerability demonstrates the critical importance of input validation and proper access control mechanisms in web applications, particularly in content management systems that handle user-generated content and file operations. Organizations should conduct thorough security assessments to identify similar vulnerabilities in their application code and implement comprehensive logging to detect potential exploitation attempts.
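A containment check of the kind the analysis calls for, shown as an added example: it is not ChestnutCMS code or its patch, and the class SafeFileLister, its list method and the sample directory tree are hypothetical, constructed for illustration.

```java
import java.io.IOException;
import java.nio.file.*;
import java.util.ArrayList;
import java.util.List;

public class SafeFileLister {
    private final Path root; // canonical directory that listings must stay inside
    public SafeFileLister(Path root) throws IOException {
        this.root = root.toRealPath(); // resolve symlinks once so later comparisons are like-for-like
    }

    /** Lists entry names of root/requested; throws SecurityException if the result escapes root. */
    public List<String> list(String requested) throws IOException {
        Path real;
        try {
            // toRealPath() collapses ".." and follows symlinks, so the check runs on the final location.
            real = root.resolve(requested).toRealPath();
        } catch (InvalidPathException e) { // e.g. an embedded NUL byte
            throw new SecurityException("rejected path", e);
        }
        // Path.startsWith compares whole name elements, so /srv/site-old does not pass for /srv/site.
        // An absolute input replaces root in resolve() and is rejected here as well.
        if (!real.startsWith(root) || !Files.isDirectory(real)) {
            throw new SecurityException("rejected path");
        }
        List<String> names = new ArrayList<>();
        try (DirectoryStream<Path> entries = Files.newDirectoryStream(real)) {
            for (Path p : entries) names.add(p.getFileName().toString());
        }
        return names;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample tree: <tmp>/site/docs/a.txt, with <tmp> itself outside the allowed root.
        Path tmp = Files.createTempDirectory("lister-demo");
        Path site = Files.createDirectories(tmp.resolve("site/docs")).getParent();
        Files.createFile(site.resolve("docs/a.txt"));
        SafeFileLister lister = new SafeFileLister(site);
        System.out.println("docs -> " + lister.list("docs"));
        for (String bad : new String[] {"..", "docs/../..", tmp.toString()}) {
            try {
                lister.list(bad);
                System.out.println(bad + " -> LISTED (check failed)");
            } catch (SecurityException e) {
                System.out.println(bad + " -> " + e.getMessage());
            }
        }
    }
}
```

The rejected inputs are worth logging with the requesting identity, since a rejection from this check is a direct signal of a traversal attempt rather than a malformed request.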

Responsible: MITRE
Reservation: 01/09/2025
Disclosure: 02/03/2025
Moderation: accepted
CPE: ready
EPSS: 0.00893
KEV: no
Activities: very low
