CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-31214

Medium Severity
Traccar
SVRS
36/100
CVSSv3
9.6/10
EPSS
0.22853/1

CVE-2024-31214: A critical file upload vulnerability exists in Traccar GPS tracking system, versions 5.1 through 5.12. This flaw allows attackers to upload arbitrary files, gaining control over file content, directory, extension, and partial filename. Despite the CVSS score of 9.6 indicating high severity, SOCRadar's SVRS of 36 suggests the vulnerability is not currently associated with widespread active exploitation or significant threat actor interest. However, the potential for remote code execution, XSS, and DOS attacks remains a significant risk. The default configuration of Traccar, including enabled self-registration and root privileges, exacerbates the potential impact. Update to version 6.0 or disable self-registration to mitigate this critical vulnerability.

TAGS
No tags available
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:N
UI:R
S:C
C:H
I:H
A:H
PUBLICATION DATE2024-04-10
LAST MODIFIED2025-01-09
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-31214 is a critical vulnerability in Traccar, an open-source GPS tracking system. It allows attackers to upload arbitrary files to the device image upload API, giving them full control over the file contents, directory, extension, and partial control over the file name. This could lead to remote code execution, XSS, DOS, and other attacks. The default Traccar installation exacerbates the vulnerability due to enabled self-registration and root/system privileges.

Key Insights

  • High Severity: The CVSS score of 9.6 and SVRS of 0 indicate a critical vulnerability requiring immediate attention.
  • Remote Exploitation: Attackers can exploit this vulnerability remotely without requiring physical access to the target system.
  • Wide Impact: The vulnerability affects Traccar versions 5.1 through 5.12, potentially impacting a large number of users.
  • Active Exploitation: The vulnerability is actively exploited in the wild, posing a significant threat to organizations using Traccar.

Mitigation Strategies

  • Update to Traccar 6.0: Install the latest version of Traccar (6.0) which includes a fix for this vulnerability.
  • Disable Self-Registration: Turn off self-registration to prevent unauthorized users from creating accounts and exploiting the vulnerability.
  • Restrict File Upload Privileges: Implement access controls to limit who can upload files to the device image upload API.
  • Monitor for Suspicious Activity: Regularly monitor logs and security alerts for any suspicious activity that could indicate exploitation of this vulnerability.

Additional Information

  • Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
  • Exploit Status: Active exploits have been published.
  • CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about this vulnerability, urging organizations to take immediate action.

If you have any further questions regarding this incident, you can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-31214 | Traccar up to 5.12 unrestricted upload
vuldb.com2025-04-07
CVE-2024-31214 | Traccar up to 5.12 unrestricted upload | A vulnerability classified as critical has been found in Traccar up to 5.12. Affected is an unknown function. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2024-31214. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com
rss
forum
news
Metasploit Weekly Wrap-Up 09/27/2024
Christophe De La Fuente2024-09-27
Metasploit Weekly Wrap-Up 09/27/2024 | This week's release includes 5 new modules, 6 enhancements, 4 fixes and 1 documentation update. Thank you to all the contributors who made it possible!Epic Release! This week's release includes 5 new modules, 6 enhancements, 4 fixes and 1 documentation update. Among the new additions, we have an account take over, SQL injection, RCE, and LPE! Thank you to all the contributors
rapid7.com
rss
forum
news
1.731
2024-08-30
1.731 | Newly Added (4)Traccar CVE-2024-24809 Path Traversal VulnerabilityTraccar CVE-2024-31214 Arbitrary File Upload VulnerabilitySecurity Vulnerabilities fixed in Wireshark wnpa-sec-2024-11Security Vulnerabilities fixed in Google
cve-2024-31214
cve-2024-24809
domains
urls

Social Media

🚨 There are two critical vulnerabilities affecting Traccar 5 that could result in unauthenticated #RCE: CVE-2024-31214 and CVE-2024-2809. We dive into exactly how these vulnerabilities work and share detection and remediation information on the blog: https://t.co/izFN6IumIG. https://t.co/UxTydPvNYW
0
0
0
CVE-2024-31214 & CVE-2024-24809: Traccar Users Urged to Update Immediately https://t.co/65JKlRxHRH
0
0
2

Affected Software

Configuration 1
TypeVendorProduct
AppTraccartraccar

References

ReferenceLink
[email protected]https://github.com/traccar/traccar/blob/master/src/main/java/org/traccar/model/Device.java#L56
[email protected]https://github.com/traccar/traccar/blob/v5.12/src/main/java/org/traccar/api/resource/DeviceResource.java#L191
[email protected]https://github.com/traccar/traccar/commit/3fbdcd81566bc72e319ec05c77cf8a4120b87b8f
[email protected]https://github.com/traccar/traccar/security/advisories/GHSA-3gxq-f2qj-c8v9
AF854A3A-2127-422B-91AE-364DA2661108https://github.com/traccar/traccar/blob/master/src/main/java/org/traccar/model/Device.java#L56
AF854A3A-2127-422B-91AE-364DA2661108https://github.com/traccar/traccar/blob/v5.12/src/main/java/org/traccar/api/resource/DeviceResource.java#L191
AF854A3A-2127-422B-91AE-364DA2661108https://github.com/traccar/traccar/commit/3fbdcd81566bc72e319ec05c77cf8a4120b87b8f
AF854A3A-2127-422B-91AE-364DA2661108https://github.com/traccar/traccar/security/advisories/GHSA-3gxq-f2qj-c8v9
[email protected]https://github.com/traccar/traccar/blob/master/src/main/java/org/traccar/model/Device.java#L56
[email protected]https://github.com/traccar/traccar/blob/v5.12/src/main/java/org/traccar/api/resource/DeviceResource.java#L191
[email protected]https://github.com/traccar/traccar/commit/3fbdcd81566bc72e319ec05c77cf8a4120b87b8f
[email protected]https://github.com/traccar/traccar/security/advisories/GHSA-3gxq-f2qj-c8v9
GITHUBhttps://github.com/traccar/traccar/security/advisories/GHSA-3gxq-f2qj-c8v9

CWE Details

CWE IDCWE NameDescription
CWE-434Unrestricted Upload of File with Dangerous TypeThe software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence