CVE-2023-35844 — AI Deep Analysis Summary

🚨 **Essence**: Lightdash suffers from a **Path Traversal** vulnerability. <br>💥 **Consequences**: Attackers can access files and directories **outside** the web root folder.…

🛡️ **Root Cause**: Insecure file endpoints in the backend routers.…

📦 **Affected Product**: Lightdash (Visualization Data Analysis Tool). <br>📉 **Versions**: All versions **before 0.510.3**. <br>⚠️ **Status**: Vulnerable components include `packages/backend/src/routers`.

🕵️ **Attacker Capabilities**: <br>1. **Read Arbitrary Files**: Access sensitive data stored outside the web root. <br>2. **Bypass Restrictions**: Circumvent standard file access controls. <br>3.…

⚖️ **Exploitation Threshold**: **Low to Medium**. <br>🔑 **Auth**: Likely requires basic access to the Lightdash interface to trigger the endpoint.…

💣 **Public Exploits**: **Yes**. <br>📂 **PoCs Available**: <br>- GitHub PoC by Lserein. <br>- Nuclei templates by ProjectDiscovery.…

🔍 **Self-Check Methods**: <br>1. **Scan**: Use Nuclei with the CVE-2023-35844 template. <br>2. **Manual Test**: Send requests with `../` sequences to file endpoints. <br>3.…

✅ **Official Fix**: **Yes**. <br>🔧 **Patch Version**: **0.510.3** and later. <br>📝 **Commit**: Fixed via commit `fcc808c84c2cc3afb343063e32a49440d32a553c` (PR #5090).

🚧 **No Patch Workaround**: <br>1. **Update Immediately**: Upgrade to v0.510.3+. <br>2. **WAF Rules**: Block requests containing `../` in file parameters. <br>3.…

🔥 **Urgency**: **HIGH**. <br>⚡ **Priority**: **Critical**. <br>💡 **Reason**: Simple exploitation, high impact (data leak), and easy-to-find PoCs. Patch immediately to prevent unauthorized data access.