CVE-2024-40422

CRITICAL NUCLEI

stitionai devika v1 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-40422. PoCs published by Alperen Ergel, j3r1ch0123. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates a path traversal vulnerability in Devika v1 via the 'snapshot_path' parameter in the '/api/get-browser-snapshot' endpoint. It allows an attacker to read arbitrary files (e.g., '/etc/passwd') by manipulating the parameter with directory traversal sequences.

Description

The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. An attacker can manipulate the snapshot_path parameter to traverse directories and access sensitive files on the server. This can potentially lead to unauthorized access to critical system files and compromise the confidentiality and integrity of the system.

Exploits (2)

exploitdb WORKING POC

by Alperen Ergel · pythonwebappspython

https://www.exploit-db.com/exploits/52066

View Code ZIP pw:eip

This exploit demonstrates a path traversal vulnerability in Devika v1 via the 'snapshot_path' parameter in the '/api/get-browser-snapshot' endpoint. It allows an attacker to read arbitrary files (e.g., '/etc/passwd') by manipulating the parameter with directory traversal sequences.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Devika v1

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

nomisec WORKING POC 1 stars

by j3r1ch0123 · poc

https://github.com/j3r1ch0123/CVE-2024-40422

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2024-40422, a path traversal vulnerability in Devika v1. The exploit sends a crafted request to the '/api/get-browser-snapshot' endpoint to retrieve the contents of '/etc/passwd'.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Devika v1

No auth needed

Prerequisites: Network access to the vulnerable Devika instance

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Devika v1 - Path Traversal

CRITICALby s4e-io,alpernae

FOFA: icon_hash="-1429839495"

References (4)

Core 4

Core References

Third Party Advisory

https://github.com/alpernae/CVE-2024-40422

Product

https://github.com/stitionai/devika

Exploit

https://github.com/stitionai/devika/pull/619

Various Sources

https://medium.com/@alpernae/uncovering-path-traversal-in-devika-v1-a-deep-dive-into-cve-2024-40422-f8ce81398b99

Scores

CVSS v3 9.1

EPSS 0.1141

EPSS Percentile 95.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-22

Status published

Products (1)

stitionai/devika 1.0

Published Jul 24, 2024

Tracked Since Feb 18, 2026