Description

The web application is a Nuxt.js development server which is found to be vulnerable to an Arbitrary File Read issue. It has been observed that when the Nuxt.js application is run in development mode, it is possible to read nearly any file on the filesystem by navigating to a specific URL. This vulnerability seems to exist primarily when handling binary files or files with tabs, although the exact conditions under which it arises are not entirely clear. It appears to be less effective for certain file extensions, which is why the Confidentiality Impact is set to Low. Also, this issue is only present when the server is running in development mode.

While it is unlikely that sensitive data would be stored on a development server, this vulnerability could nonetheless be exploited to read runtime configurations or identify installed software, as it allows for easy reading of binary files.

Remediation

Update Nuxt.js: As this issue appears to be resolved in recent versions of Vite, updating to a newer version of Nuxt.js that uses a newer version of Vite may eliminate this vulnerability. If this is not possible, or if the issue persists even after updating, consider contacting the vendor or a cybersecurity professional for further guidance.

References

(Almost) Arbitary File Read on Development Server in nuxt/nuxt

Related Vulnerabilities

PHP X Prober publicly accessible

WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.26)

Oracle applications logs publicy available

Custom Error Pages Are Not Configured in WEB-INF/web.xml

WordPress 3.1.2 Multiple Vulnerabilities (3.0.1 - 3.1.2)

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration Information Disclosure