CRITICAL🇵🇱 Wersja polska

CVE-2024-33879

CVSS 9.8v3.1pub. 2024-06-24upd. 2024-11-21

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter.

🤖 AI Analysis
How it works

The vulnerability occurs in the isCompleted method handled by the Virto.SharePoint.FileDownloader/Api/Download.ashx endpoint. An attacker can pass an absolute file path in the path parameter, thereby bypassing mechanisms that restrict access to the designated directory. The lack of proper validation and sanitization of the path parameter allows reading or deleting files outside the intended scope of the application.

Impact

An unauthenticated attacker can download any file available on the server (including configuration files, user data, application secrets) or permanently delete it, which may lead to sensitive data leakage and system disruption.

Mitigation & patch

Patches available from the vendor should be applied according to references. It is recommended to check VirtoSoftware documentation (docs.virtosoftware.com) for updated software versions and implement vendor security recommendations. Until the update is applied, consider restricting network access to the Download.ashx endpoint at the firewall or reverse proxy level.

Who is affected

VirtoSoftware Virto Bulk File Download version 5.5.44 running on Microsoft SharePoint Server 2019

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft SharePoint Server

    APP
    Microsoft
    2019
  • Virtosoftware Sharepoint Bulk File Download

    APP
    Virtosoftware
    5.5.44
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2026-20963CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server

CVE-2025-53770CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE przez deserialization w Microsoft SharePoint Server (on-premises)

CVE-2023-29357CRITICAL9.8⚠ KEVten sam produkt

Microsoft SharePoint Server Elevation of Privilege Vulnerability

CVE-2019-0604CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the sour...

CVE-2023-21716CRITICAL9.8ten sam produkt

Microsoft Word Remote Code Execution Vulnerability