CVE-2024-25121
Description
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions of TYPO3 entities of the File Abstraction Layer (FAL) could be persisted directly via DataHandler. This allowed attackers to reference files in the fallback storage directly and retrieve their file names and contents. The fallback storage ("zero-storage") is used as a backward compatibility layer for files located outside properly configured file storages and within the public web root directory. Exploiting this vulnerability requires a valid backend user account. Users are advised to update to TYPO3 version 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, or 13.0.1 which fix the problem described. When persisting entities of the File Abstraction Layer directly via DataHandler, sys_file entities are now denied by default, and sys_file_reference & sys_file_metadata entities are not permitted to reference files in the fallback storage anymore. When importing data from secure origins, this must be explicitly enabled in the corresponding DataHandler instance by using $dataHandler->isImporting = true;.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
typo3/cms-corePackagist | >= 8.0.0, < 8.7.57 | 8.7.57 |
typo3/cms-corePackagist | >= 9.0.0, < 9.5.46 | 9.5.46 |
typo3/cms-corePackagist | >= 10.0.0, < 10.4.43 | 10.4.43 |
typo3/cms-corePackagist | >= 11.0.0, < 11.5.35 | 11.5.35 |
typo3/cms-corePackagist | >= 12.0.0, < 12.4.11 | 12.4.11 |
typo3/cms-corePackagist | >= 13.0.0, < 13.0.1 | 13.0.1 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/TYPO3/typo3/security/advisories/GHSA-rj3x-wvc6-5j66nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-rj3x-wvc6-5j66ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-25121ghsaADVISORY
- typo3.org/security/advisory/typo3-core-sa-2024-006nvdVendor AdvisoryWEB
- github.com/TYPO3/typo3/commit/38f0bf9a61e10365be26eb75bc23a81184dbed07ghsaWEB
- github.com/TYPO3/typo3/commit/71e652bf84b16fd3592205f61f36750ab03db74cghsaWEB
- github.com/TYPO3/typo3/commit/b47b6ddf5a5f3f852c6e43f837360780c12e3c47ghsaWEB
News mentions
0No linked articles in our index yet.