CVE-2024-35219
Severity: HIGH | Exploited in the wild | Nuclei template available
OpenAPI Generator Online < 7.6.0 - Path Traversal and Arbitrary File Read/Delete via Output Folder Option
Title source: llm

Exploitation Summary
CVE-2024-35219 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
OpenAPI Generator generates API client libraries (SDKs), server stubs, documentation and configuration automatically from an OpenAPI specification. Prior to version 7.6.0, attackers could exploit a path traversal vulnerability to read and delete files and folders in any directory writable by the service, because any requester could set the output folder via the `outputFolder` option when submitting a generation request. The issue was fixed in version 7.6.0 by removing support for the `outputFolder` option. No known workarounds are available.
Nuclei Templates (1)
OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete
Severity: HIGH | Verified | Authors: iamnoooob, rootxharsh, pdresearch
References (3)
Core References
Vendor Advisory (x_refsource_confirm): https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-g3hr-p86p-593h
Issue Tracking (x_refsource_misc): https://github.com/OpenAPITools/openapi-generator/pull/18652
Scores
CVSS v3: 8.3
EPSS: 0.0359
EPSS Percentile: 87.9%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
VulnCheck KEV: 2024-12-05
CWE: CWE-22
Status: published
Products (2)
OpenAPITools/openapi-generator: < 7.6.0
org.openapitools/openapi-generator-online (Maven): 0 - 7.6.0
Published: May 27, 2024
Tracked Since: Feb 18, 2026