Calibre, a popular e-book management software, is currently facing three serious security vulnerabilities that could expose millions of users to a variety of cyber threats.
1. CVE-2024-7008: Blind SQL Injection (CVSS 5.3)
The first security flaw allows an attacker to inject malicious JavaScript code into Calibre's content server. An attacker could use it to trick users into performing unwanted actions, such as making unauthorized changes to the server or exfiltrating sensitive information.
Solution: Ensure that all user inputs are properly checked and validated before being used to generate HTML content. In particular, book IDs should contain only numeric characters, so verify that the input contains only digits.
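The following is an added illustration, not Calibre's own code, of the validation rule described above. Handler names and the in-memory SQLite catalogue are constructed for the example; it covers both sinks the entry mentions (the SQL text and the generated HTML) by accepting only ASCII digits, binding the id as a query parameter, and escaping everything rendered.

```python
import html
import re
import sqlite3
from typing import Tuple

# Book ids are accepted only as non-empty strings of ASCII digits. A regex is
# used deliberately: str.isdigit() also accepts Unicode digits such as "²".
BOOK_ID_RE = re.compile(r"[0-9]+")


def is_valid_book_id(raw: str) -> bool:
    return BOOK_ID_RE.fullmatch(raw) is not None


def make_sample_db() -> sqlite3.Connection:
    """Constructed in-memory catalogue standing in for a real library database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE books (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO books VALUES (?, ?)",
                     [(1, "Dracula"), (2, "Pride & Prejudice")])
    return conn


def render_book_vulnerable(conn: sqlite3.Connection, book_id: str) -> str:
    """Unchecked id goes into both the query text and the HTML response."""
    row = conn.execute(f"SELECT title FROM books WHERE id = {book_id}").fetchone()
    title = row[0] if row else "unknown"
    return f"<h1>{title}</h1><p>id {book_id}</p>"


def render_book_hardened(conn: sqlite3.Connection, book_id: str) -> Tuple[int, str]:
    """Validate the id, bind it as a parameter, and escape everything rendered."""
    if not is_valid_book_id(book_id):
        return 400, "<p>Invalid book id</p>"
    row = conn.execute("SELECT title FROM books WHERE id = ?",
                       (int(book_id),)).fetchone()
    if row is None:
        return 404, "<p>No such book</p>"
    # Escape even the validated id: validation and output encoding are
    # separate layers, and the title is free text from the database.
    return 200, f"<h1>{html.escape(row[0])}</h1><p>id {html.escape(book_id)}</p>"


if __name__ == "__main__":
    db = make_sample_db()
    print(render_book_hardened(db, "2"))
    print(render_book_hardened(db, "2 OR 1=1"))
```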
2. CVE-2024-6781: Arbitrary File Read Attack (CVSS 7.5)
This vulnerability allows an attacker, authenticated or not, to read arbitrary files on the vulnerable server. This could lead to the exposure of private documents, user data, or other sensitive information.
Solution: Implement full user input validation and sanitization to prevent attackers from reaching files outside the intended paths.
3. CVE-2024-6782: Remote Code Execution (CVSS 9.8)
The most severe vulnerability allows an attacker to remotely execute arbitrary code on an affected system. This could result in taking full control of the compromised device, installing additional malware, stealing data, or launching attacks on other systems.
Solution: Set strict access controls on public endpoints. If code execution is an intended feature, ensure that the server is not exposed to the internet, or restrict access to only privileged users.
Urgent Recommendation
All Calibre users are advised to upgrade immediately to the latest version to address these security vulnerabilities. The latest version has been released and contains the necessary patches.
In addition to upgrading, consider enabling basic authentication on your content server for added protection against unauthorized access.