Duplicator Plugin/Duplicator Pro Plugin on WordPress backups-dup-lite/tmp exposure of information through directory listing
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.3 | $0-$5k | 0.00 |
Summary
A vulnerability marked as critical has been reported in Duplicator Plugin and Duplicator Pro Plugin on WordPress. This impacts an unknown function of the file backups-dup-lite/tmp. The manipulation leads to exposure of information through directory listing. This vulnerability is documented as CVE-2023-6114. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.
Details
A vulnerability was found in Duplicator Plugin and Duplicator Pro Plugin on WordPress (WordPress Plugin) (the affected version is unknown) and classified as critical. This issue affects an unknown code of the file backups-dup-lite/tmp. The manipulation with an unknown input leads to a exposure of information through directory listing vulnerability. Using CWE to declare the problem leads to CWE-548. A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers. Impacted is confidentiality. The summary by CVE is:
The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. When directory listing is enabled in the web server, this allows unauthenticated attackers to discover and access these sensitive files, which include a full database dump and a zip archive of the site.
The weakness was released 12/26/2023 by Dmitrii Ignatyev. It is possible to read the advisory at wpscan.com. The identification of this vulnerability is CVE-2023-6114 since 11/13/2023. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1083 according to MITRE ATT&CK.
Upgrading eliminates this vulnerability.
Be aware that VulDB is the high quality source for vulnerability data.
Product
Type
Name
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.4VulDB Meta Temp Score: 6.3
VulDB Base Score: 5.3
VulDB Temp Score: 5.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.5
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Exposure of information through directory listingCWE: CWE-548 / CWE-552 / CWE-425
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Timeline
11/13/2023 🔍12/26/2023 🔍
12/26/2023 🔍
01/19/2024 🔍
Sources
Advisory: wpscan.comResearcher: Dmitrii Ignatyev
Status: Confirmed
CVE: CVE-2023-6114 (🔍)
GCVE (CVE): GCVE-0-2023-6114
GCVE (VulDB): GCVE-100-249071
Entry
Created: 12/26/2023 21:48Updated: 01/19/2024 13:54
Changes: 12/26/2023 21:48 (40), 01/19/2024 13:54 (11)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.