CRITICAL🇵🇱 Wersja polska

CVE-2024-36858

CVSS 9.8v3.1pub. 2024-06-04upd. 2024-11-21

An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file.

🤖 AI Analysis
How it works

The vulnerability results from insufficient validation of uploaded files in the /v1/app/writeFileSync interface. An attacker can send a specially crafted file to this endpoint without needing any permissions. The uploaded file is saved on the server in a way that allows its subsequent execution, leading to arbitrary code execution in the context of the application.

Impact

An attacker can gain full control over the system running the Jan application — including stealing sensitive data, modifying system files, and permanently compromising the system's integrity and availability (RCE with full CIA triad: confidentiality, integrity, availability).

Mitigation & patch

Apply patches available from the vendor according to references. Immediate update of Jan application above version 0.4.12 is recommended, and — until the update is applied — restrict network access to the application's API interface using firewall or network rules.

Who is affected

Jan version 0.4.12

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Homebrew Jan

    APP
    Homebrew
    0.4.12
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-37273CRITICAL9.8PL ✓ten sam produkt

Dowolne przesyłanie plików w Jan v0.4.12 umożliwiające RCE

CVE-2024-36857HIGH7.5ten sam produkt

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interf...