CVE-2024-40348

HIGH NUCLEI

bazarr < 1.4.3 - Unauthenticated Path Traversal via /api/swaggerui/static

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-40348. PoCs published by bigb0x, NingXin2002. A Nuclei detection template is also available.

Description

An issue in the component /api/swaggerui/static of Bazarr v1.4.3 allows unauthenticated attackers to execute a directory traversal.

Exploits (2)

nomisec WORKING POC 32 stars
by bigb0x · poc
https://github.com/bigb0x/CVE-2024-40348

This repository contains a functional Python script that exploits CVE-2024-40348, a directory traversal vulnerability in Bazarr v1.4.3 and prior. The script sends crafted HTTP requests to read arbitrary files (e.g., /etc/passwd) from vulnerable targets.

Classification
Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Bazarr v1.4.3 and prior
No auth needed
Prerequisites: Network access to the target Bazarr instance
devstral-2 · analyzed Feb 18, 2026

nomisec WORKING POC
by NingXin2002 · poc
https://github.com/NingXin2002/Bazaar_poc

This repository contains a functional exploit for CVE-2024-40348, an arbitrary file read vulnerability in Bazarr v1.4.3. The PoC sends a crafted HTTP request with a path traversal payload to read sensitive files like /etc/passwd.

Classification
Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Bazarr v1.4.3
No auth needed
Prerequisites: Network access to the target Bazarr instance
devstral-2 · analyzed Feb 18, 2026

Nuclei Templates (1)

Bazarr < 1.4.3 - Arbitrary File Read
HIGH · VERIFIED · by s4e-io
FOFA: title=="Bazarr" && icon_hash="-1983413099"

Scores

CVSS v3 8.2
EPSS 0.0829
EPSS Percentile 94.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE CWE-22
Status published
Products (1)
bazarr/bazarr < 1.4.3
Published Jul 20, 2024
Tracked Since Feb 18, 2026