CVE-2018-7482
HIGH | EXPLOITED IN THE WILD
Joomlaworks K2 - Path Traversal
Exploitation Summary
CVE-2018-7482 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).
Description
The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1 request. The specific pathname ../configuration.php should be base64 encoded for a valid attack. NOTE: the vendor disputes this issue because only files under the media-manager path can be downloaded, and the documentation indicates that sensitive information does not belong there. Nonetheless, 2.8.1 has additional blocking of .php downloads.
References (2)
Core References (2)
Vendor Advisory (x_refsource_misc): https://www.joomlaworks.net/forum/forum-updates-other-resources/49046-false-cve-report-on-k2-v2-8-0
Exploit, broken link (x_refsource_exploit-db): https://exploit-db.com/exploits/44188
Scores
CVSS v3: 7.5
EPSS: 0.0235
EPSS Percentile: 81.7%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: partial
Details
VulnCheck KEV: 2021-04-12
InTheWild.io: 2021-04-12
CWE: CWE-22
Status: published
Products (1)
joomlaworks/k2 2.8.0
Published: Feb 28, 2018
Tracked Since: Feb 18, 2026