StarNet FastX 3 Path Traversal Vulnerability Allowing Arbitrary File Read and Remote Code Execution

Vulnerability

A path traversal vulnerability has been identified in StarNet FastX 3, affecting versions 3.0.0 through 3.3.67. This vulnerability allows an unauthenticated attacker to read arbitrary files on the server. Exploitation could expose the application's configuration files, which contain the secret key used to sign JSON Web Tokens (JWTs) as well as existing JWT identifiers. With this information, an attacker could forge valid JWTs, impersonate the root user, and execute code remotely in a privileged context via authenticated endpoints.

Impact

Successful exploitation of this vulnerability could result in unauthorized access to sensitive files, allowing for the forgery of JWTs and impersonation of the root user, with subsequent remote code execution in a privileged context.

Remediation

Users can upgrade to FastX version 3.3.71 or later, where this vulnerability has been addressed.
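
The version ranges above can be applied to a host inventory for triage. The following is an added example, not part of the original advisory or any StarNet tooling; the host names and sample versions are constructed, and the status labels are this example's own. Versions between the last affected release and the first fixed release are reported separately because the advisory lists them as neither.

```python
import re

# Ranges taken from the advisory text; nothing else is assumed about FastX.
AFFECTED_MIN = (3, 0, 0)
AFFECTED_MAX = (3, 3, 67)
FIXED_MIN = (3, 3, 71)

_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)\s*$")


def parse_version(text):
    """Return (major, minor, patch) or None if the string is not X.Y.Z."""
    m = _VERSION_RE.match(text or "")
    return tuple(int(p) for p in m.groups()) if m else None


def classify(version_text):
    """Map a reported FastX version to a triage status."""
    v = parse_version(version_text)
    if v is None:
        return "unparseable"
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "affected"
    if v >= FIXED_MIN:
        return "fixed"
    if v > AFFECTED_MAX:
        # 3.3.68 to 3.3.70: the advisory lists these as neither affected nor fixed.
        return "unlisted"
    return "out-of-scope"  # older than 3.0.0, not covered by the advisory


def triage(inventory):
    """Group hosts by status; inventory is {host: version string}."""
    report = {}
    for host, version in sorted(inventory.items()):
        report.setdefault(classify(version), []).append(host)
    return report


# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY = {
    "fastx-a.example": "3.3.67",
    "fastx-b.example": "3.3.71",
    "fastx-c.example": "3.3.69",
    "fastx-d.example": "3.0.0",
    "fastx-e.example": "2.4.16",
    "fastx-f.example": "unknown",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts)}")
```

Hosts reported as "unlisted" or "unparseable" need manual confirmation of the installed version before they are treated as remediated.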

Added: Oct 14, 2025, 8:16 PM
Updated: Oct 14, 2025, 8:16 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 7.4
remediation: 0.0
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.