Fastify Swagger-UI - Information Disclosure

ID: CVE-2024-22207

Severity: medium

Author: DhiyaneshDK,iamnoooob

Tags: cve,cve2024,swagger-ui,exposure

fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module’s directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting the baseDir option can also work around this vulnerability.

```yaml
id: CVE-2024-22207

info:
  name: Fastify Swagger-UI - Information Disclosure
  author: DhiyaneshDK,iamnoooob
  severity: medium
  description: |
    fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting the `baseDir` option can also work around this vulnerability.
  reference:
    - https://security.netapp.com/advisory/ntap-20240216-0002/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-22207
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2024-22207
    cwe-id: CWE-1188
    epss-score: 0.00052
    epss-percentile: 0.21263
    cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:node.js:*:*
  metadata:
    vendor: smartbear
    product: swagger_ui
    framework: node.js
    shodan-query:
      - http.component:"swagger"
      - http.favicon.hash:"-1180440057"
    fofa-query: icon_hash="-1180440057"
  tags: cve,cve2024,swagger-ui,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}/documentation/playwright.config.js"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "module.exports"
          - "defineConfig"
        condition: and

      - type: status
        status:
          - 200
# digest: 490a0046304402201bcfc00a965a5f2f56c565eb7c546709874742d7f6ac18526a7c9850308e854002200c69431b0aaf73f92ac76a3c5740e3c38438ac34afd95e417b05e94d210d75ae:922c64590222798bb761d5b6d8e72950
```

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
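As an added example, not part of the template or the Nuclei project, the following Python applies the template's word and status matchers to constructed responses, including a 200 page that contains only one of the two words. The `Response` class and the sample bodies are assumptions made for the example.

```python
"""Applies the matcher logic of the CVE-2024-22207 Nuclei template to
constructed HTTP responses so the and/or composition can be checked offline.
Added example; not part of the template or the Nuclei project."""
from dataclasses import dataclass


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (constructed, not captured)."""
    status: int
    body: str


# Matchers transcribed from the template's `matchers:` block.
TEMPLATE_MATCHERS = [
    {"type": "word", "words": ["module.exports", "defineConfig"], "condition": "and"},
    {"type": "status", "status": [200]},
]


def matcher_matches(matcher: dict, resp: Response) -> bool:
    """Evaluate one matcher. Nuclei's word matcher defaults to `condition: or`,
    which is why the template sets `condition: and` explicitly."""
    if matcher["type"] == "word":
        hits = [word in resp.body for word in matcher["words"]]
        return all(hits) if matcher.get("condition", "or") == "and" else any(hits)
    if matcher["type"] == "status":
        return resp.status in matcher["status"]
    raise ValueError(f"unsupported matcher type: {matcher['type']}")


def template_matches(resp: Response, matchers=TEMPLATE_MATCHERS,
                     matchers_condition: str = "and") -> bool:
    """Combine the individual matcher results the way `matchers-condition` does."""
    results = [matcher_matches(m, resp) for m in matchers]
    return all(results) if matchers_condition == "and" else any(results)


# Constructed responses for GET /documentation/playwright.config.js.
VULNERABLE = Response(200, "const { defineConfig } = require('@playwright/test');\n"
                           "module.exports = defineConfig({ testDir: './test' });\n")
# Constructed 404 in the shape of Fastify's default not-found body.
FIXED = Response(404, '{"message":"Route GET:/documentation/playwright.config.js not found"}')
# A 200 that contains only one of the two words must not be reported.
PARTIAL = Response(200, "module.exports = { title: 'API docs' };")
```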

```shell
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-22207.yaml"
```