CVE-2023-43662 — AI Deep Analysis Summary

🚨 **Essence**: ShokoServer suffers from a **Path Traversal** vulnerability (CWE-22). <br>💥 **Consequences**: Attackers can **read arbitrary files** on the server.…

🛡️ **Root Cause**: **Lack of Input Sanitization**. <br>🔍 **Flaw**: The `serverImagePath` parameter is not cleaned before being passed to `System.IO.File.OpenRead`.…

📦 **Affected Product**: **ShokoServer** (Anime collection management platform). <br>👥 **Vendor**: ShokoAnime. <br>⚠️ **Scope**: All versions prior to the fix commit (6c57ba0) are vulnerable.

🕵️ **Attacker Capabilities**: <br>1️⃣ **Arbitrary File Read**: Access any file the server process has permissions to read. <br>2️⃣ **Data Exfiltration**: Steal credentials, logs, or internal configuration files.…

🔓 **Exploitation Threshold**: **LOW**. <br>✅ **Authentication**: **None Required** (Unauthenticated). <br>✅ **User Interaction**: **None Required**. <br>✅ **Attack Vector**: Network (AV:N).…

💻 **Public Exploit**: **YES**. <br>📄 **PoC Available**: A Nuclei template exists at `projectdiscovery/nuclei-templates`.…

🔍 **Self-Check Method**: <br>1️⃣ **Endpoint**: Target `/api/Image/WithPath`. <br>2️⃣ **Parameter**: Send `serverImagePath` with traversal payloads (e.g., `../../../etc/passwd`).…

🩹 **Official Fix**: **YES**. <br>📅 **Patch Date**: Published 2023-09-28. <br>🔗 **Commit**: `6c57ba0f073d6be5a4f508c46c2ce36727cbce80`. <br>📝 **Action**: Update ShokoServer to the latest version containing this commit.

🚧 **No Patch Workaround**: <br>1️⃣ **Network Segmentation**: Block external access to the `/api/Image/WithPath` endpoint. <br>2️⃣ **WAF Rules**: Implement rules to block `../` sequences in query parameters.…

⚡ **Urgency**: **HIGH**. <br>📊 **CVSS Score**: **7.5** (High). <br>🚨 **Reason**: Unauthenticated, remote, low complexity, and high impact on Confidentiality. Immediate patching is recommended to prevent data leaks.