CVE-2024-21623

EUVD-2024-19270
OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "`Analysis - SonarCloud`" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository using this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
GitHub_MCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
mehahotclient
𝑥
< 2023-12-30
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104
https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254
https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
https://securitylab.github.com/research/github-actions-untrusted-input/
https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104
https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254
https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
https://securitylab.github.com/research/github-actions-untrusted-input/