HerikLyma CPPWebFramework Path Traversal Vulnerability

Vulnerability

A path traversal vulnerability has been identified in HerikLyma CPPWebFramework versions through 3.1. It allows remote, unauthenticated attackers to read arbitrary files on the host by abusing the framework's handling of the URL path in HTTP requests: the user-supplied path is appended to the web root without being normalized or checked, so "../" components escape the document root and reach files such as the framework's own configuration file (CPPWeb.ini). The affected function has not been identified in the public disclosure. The issue has been publicly disclosed and an exploit is available.

Impact

Exploitation of this vulnerability allows unauthenticated arbitrary file read via path traversal, leading to the disclosure of sensitive information. Any file readable by the server process is exposed, including the framework's configuration (CPPWeb.ini) and other files on the host outside the web root.

Reproduction

The vulnerability can be reproduced by sending a crafted HTTP GET request whose path contains directory-traversal sequences ("../" components) so that, after concatenation with the web root, it resolves to a file outside the document root. This can be done against the official Docker container for the C++ Web Framework Hello World example, which demonstrates the vulnerability in action.
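To make the root cause concrete, the following added example (not code from CPPWebFramework or from the original advisory) places the unsafe pattern the advisory describes, web root plus raw URL path, next to a hardened resolver that percent-decodes once, splits the path into segments and refuses any ".." that would climb above the root. The web root "/var/www/html" and the request paths are constructed for illustration; the function names are assumptions, not the framework's API.

```cpp
#include <iostream>
#include <optional>
#include <string>
#include <vector>

// Constructed web root for the example; not the framework's actual layout.
static const std::string kWebRoot = "/var/www/html";

// Value of a single hex digit, or -1 if the character is not one.
static int hexVal(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

// Percent-decode a URL path exactly once ("%2e" -> '.'). Decoding once means a
// double-encoded "%252e" stays as the literal text "%2e" and cannot become "..".
// Returns nullopt on a malformed escape such as "%zz" or a truncated "%2".
std::optional<std::string> percentDecode(const std::string& in) {
    std::string out;
    for (size_t i = 0; i < in.size(); ++i) {
        if (in[i] != '%') { out.push_back(in[i]); continue; }
        if (i + 2 >= in.size()) return std::nullopt;
        int hi = hexVal(in[i + 1]), lo = hexVal(in[i + 2]);
        if (hi < 0 || lo < 0) return std::nullopt;
        out.push_back(static_cast<char>(hi * 16 + lo));
        i += 2;
    }
    return out;
}

// The vulnerable pattern the advisory describes: the request path is appended
// to the web root as-is. "/../CPPWeb.ini" yields "/var/www/html/../CPPWeb.ini",
// which the operating system resolves to /var/www/CPPWeb.ini, outside the root.
std::string vulnerableResolve(const std::string& urlPath) {
    return kWebRoot + urlPath;
}

// Hardened resolution: decode once, reject NUL bytes, then resolve "." and ".."
// segment by segment against the root. A ".." with nothing left to pop means
// the request is trying to leave the root, so it is rejected instead of
// being clamped silently. Only '/' is treated as a separator (POSIX host);
// on a Windows host '\\' would have to be handled as a separator as well.
std::optional<std::string> safeResolve(const std::string& urlPath,
                                       const std::string& root = kWebRoot) {
    auto decoded = percentDecode(urlPath);
    if (!decoded || decoded->find('\0') != std::string::npos) return std::nullopt;

    std::vector<std::string> stack;   // resolved segments below the root
    std::string seg;
    auto flush = [&]() -> bool {
        if (seg.empty() || seg == ".") { seg.clear(); return true; }
        if (seg == "..") {
            if (stack.empty()) return false;   // would escape the web root
            stack.pop_back();
        } else {
            stack.push_back(seg);
        }
        seg.clear();
        return true;
    };
    for (char c : *decoded) {
        if (c == '/') { if (!flush()) return std::nullopt; }
        else seg.push_back(c);
    }
    if (!flush()) return std::nullopt;

    std::string out = root;
    for (const auto& s : stack) out += "/" + s;
    return out;   // "/var/www/html" alone when the request was for "/"
}

int main() {
    const std::string probe = "/../CPPWeb.ini";   // constructed traversal request
    std::cout << "vulnerable: " << vulnerableResolve(probe) << "\n";
    auto safe = safeResolve(probe);
    std::cout << "hardened:   " << (safe ? *safe : std::string("rejected")) << "\n";
    return 0;
}
```

The check above is purely lexical, so it does not account for symbolic links already present under the web root. For a file that exists, a deployment should additionally compare the real path of the opened file (realpath(3) or std::filesystem::canonical) against the real path of the root, or on Linux open it with openat2(2) and RESOLVE_BENEATH so the kernel enforces containment.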

Added: Apr 6, 2026, 9:19 AM
Updated: Apr 6, 2026, 9:19 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.4
exploitability: 8.7
remediation: 0.0
relevance: 5.4
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.