Path Traversal Vulnerability Discovered In Impacket: CVE-2021-31800 / CX-2021-4793

Severity

Severity: 9.9 - Critical Severity

Advisory Timeline Summary
Impacket prior to version 0.9.23 is vulnerable to Path Traversal.

Product

Impacket prior to 0.9.23

Impact

If the vulnerability is exploited, an attacker could write files to any location on the affected computer. This could be elevated to an RCE in a variety of ways depending on the environment and the operating system.

Steps To Reproduce

  1. For a full and detailed reproduction see: Checkmarx Research Blogpost

Expected Result:

Files should only be listed and written to the intended work directory.

Remediation

This issue was fixed in version 0.9.23 through the commit.

Properties

Attack Vector: Network

Attack Complexity: Low

Privileges Required: Low

User Interaction: None

Scope: Changed

Confidentiality: High

Integrity: High

Availability: High

Credit

This issue was discovered and reported by Checkmarx Security Researcher Omri Inbar.

Resources

  1. Commit (cae2031)