Vulnerability Description
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBlox configuration file (e.g., searchblox/WEB-INF/config.xml), which contains both the Super Admin's API key and the base64 encoded SHA1 password hashes of other SearchBlox users.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Searchblox | Searchblox | < 9.2.2 |
Related Weaknesses (CWE)
References
- https://developer.searchblox.com/docs/getting-started-with-searchbloxVendor Advisory
- https://hateshape.github.io/general/2021/05/11/CVE-2020-35580.htmlExploitThird Party Advisory
- https://developer.searchblox.com/docs/getting-started-with-searchbloxVendor Advisory
- https://hateshape.github.io/general/2021/05/11/CVE-2020-35580.htmlExploitThird Party Advisory
FAQ
What is CVE-2020-35580?
CVE-2020-35580 is a vulnerability with a CVSS score of 7.5 (HIGH). A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/...
How severe is CVE-2020-35580?
CVE-2020-35580 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-35580?
Check the references section above for vendor advisories and patch information. Affected products include: Searchblox Searchblox.