CVE-2024-53790
Description
Path traversal in Lenxel Core ≤1.3.9 allows PHP local file inclusion, potentially exposing sensitive files like wp-config.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability Overview
CVE-2024-53790 is a path traversal vulnerability in the WordPress plugin Lenxel Core for Lenxel (LNX) LMS, affecting versions up to and including 1.3.9. The plugin does not properly limit pathnames to a restricted directory, which enables PHP local file inclusion (LFI): user-supplied input is not sanitized before being used in file inclusion operations.
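One way to close this class of bug on the defender's side, shown as an added example that is not code from Lenxel Core or from this page: a resolver that allowlists template names and then checks that the canonical path stays inside the template directory. The function name, directory layout and template names are hypothetical, and the files are constructed in a temporary directory (the symlink step assumes a Unix-like host).

```php
<?php
// Added example with hypothetical names; not Lenxel Core code.

/**
 * Map a user-supplied template name to a file inside $baseDir.
 * Returns the canonical path, or null if the request must be refused.
 */
function resolve_confined_template(string $baseDir, string $requested, array $allowed): ?string
{
    // 1. Allowlist: accept only names the application itself ships.
    if (!in_array($requested, $allowed, true)) {
        return null;
    }
    // 2. Canonicalise: realpath() resolves "..", "." and symlinks,
    //    and returns false when the target does not exist.
    $base = realpath($baseDir);
    $candidate = realpath($baseDir . DIRECTORY_SEPARATOR . $requested . '.php');
    if ($base === false || $candidate === false) {
        return null;
    }
    // 3. Containment: the resolved file must sit under base + separator,
    //    so a sibling such as "templates-old" cannot pass as a prefix match.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// Constructed demo tree: one real template, one stand-in sensitive file,
// and an allowlisted name that is a symlink pointing outside the directory.
$root = sys_get_temp_dir() . '/lfi-demo-' . bin2hex(random_bytes(4));
mkdir($root . '/templates', 0700, true);
file_put_contents($root . '/templates/course-grid.php', '<?php // template');
file_put_contents($root . '/wp-config.php', '<?php // constructed stand-in');
symlink($root . '/wp-config.php', $root . '/templates/course-list.php');

$allowed = ['course-grid', 'course-list'];
foreach (['course-grid', '../wp-config', 'course-list', 'missing'] as $input) {
    $path = resolve_confined_template($root . '/templates', $input, $allowed);
    // Only a non-null result would ever be handed to include/require.
    printf("%-14s => %s\n", $input, $path === null ? 'rejected' : 'ok: ' . basename($path));
}
```

Only `course-grid` resolves. `../wp-config` and `missing` fail the allowlist, and `course-list` passes the allowlist but is refused by the containment check because its symlink target lies outside the template directory.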
Exploitation
An attacker can exploit this flaw by crafting a malicious HTTP request that traverses directories to include arbitrary PHP files from the server. No authentication is required, and the attack can be executed remotely. The vulnerability is particularly dangerous for WordPress sites where sensitive files like wp-config.php (containing database credentials) are within reach. [1]
Impact
Successful exploitation allows an attacker to read the contents of any local file on the server, including configuration files, logs, and potentially code. If the attacker includes a PHP file that executes code, they may achieve remote code execution. This could lead to full site compromise, data theft, or further attacks on the server. [1]
Mitigation
The vendor has not released a patched version for this vulnerability as of the publication date. Users are advised to update the plugin to a safe version once available. Until then, immediate actions include restricting access to the plugin's directory via a web application firewall (WAF) or disabling the plugin if possible. [1]
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE) range: <=1.3.9
- (no CPE) range: <=1.3.9
Patches
No patches discovered yet.