CVE-2024-46212 is a directory traversal vulnerability identified in the REDAXO CMS version 5.17.1, specifically within the /index.php?page=backup/export component. The vulnerability arises due to insufficient validation or sanitization of the 'page' parameter, allowing an authenticated attacker with high privileges to traverse directories and access arbitrary files on the server. This type of vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory). The attack vector is network-based (AV:N), with low attack complexity (AC:L), but requires high privileges (PR:H) and no user interaction (UI:N). The scope is unchanged (S:U), and the impact is primarily on confidentiality (C:H), with no impact on integrity (I:N) or availability (A:N). Exploiting this vulnerability could lead to unauthorized disclosure of sensitive files such as configuration files, credentials, or backups, potentially aiding further attacks. No patches or official fixes are currently linked, and no known exploits have been reported in the wild as of the publication date. The vulnerability was reserved on September 11, 2024, and published on October 16, 2024.

The primary impact of CVE-2024-46212 is unauthorized disclosure of sensitive information due to directory traversal. Attackers with high privileges can access files outside the intended directory, potentially exposing configuration files, database credentials, backup data, or other sensitive information stored on the server. This can lead to further compromise, including privilege escalation or lateral movement within the affected environment. Since exploitation requires authenticated access with high privileges, the risk is somewhat mitigated by access controls; however, insider threats or compromised admin accounts could exploit this vulnerability. The vulnerability does not affect system integrity or availability directly but can significantly impact confidentiality, which is critical for organizations handling sensitive data. Organizations relying on REDAXO CMS 5.17.1 for web content management are at risk, especially those with sensitive or regulated data. The lack of known exploits in the wild reduces immediate risk but does not eliminate the threat, as proof-of-concept exploits could emerge.

To mitigate CVE-2024-46212, organizations should first verify if they are using REDAXO CMS version 5.17.1 and specifically the vulnerable backup/export functionality. Since no official patch is currently linked, administrators should consider the following steps: 1) Restrict access to the /index.php?page=backup/export endpoint to only trusted administrators and limit network exposure using firewalls or IP whitelisting. 2) Implement strict input validation and sanitization on the 'page' parameter to prevent directory traversal sequences such as '../'. 3) Monitor and audit logs for unusual access patterns or attempts to access unauthorized files. 4) Employ the principle of least privilege by ensuring that users with high privileges are limited and their credentials are protected with strong authentication mechanisms. 5) Regularly back up data securely and maintain an incident response plan in case of compromise. 6) Stay updated with REDAXO CMS vendor announcements for patches or security advisories addressing this vulnerability. 7) Consider using web application firewalls (WAFs) that can detect and block directory traversal attempts. These measures combined can reduce the risk until an official patch is available.