Kavita - Local File Inclusion

What is "Kavita - Local File Inclusion?"

The "Kavita - Local File Inclusion" module is designed to detect and report vulnerabilities related to local file inclusion in the Kavita software. This module focuses on the CWE-22 classification and has a severity level of high (CVSS-Score: 7.5). The original author of this module is arafatansari.

Impact

A local file inclusion vulnerability in the Kavita software can allow an attacker to include arbitrary files from the server's file system. This can lead to unauthorized access to sensitive information, such as configuration files, tokens, and other critical data.

How does the module work?

The "Kavita - Local File Inclusion" module sends an HTTP GET request to the "/api/image/cover-upload" endpoint with a specific filename parameter. It then checks the response body for the presence of certain keywords, such as "ConnectionStrings," "Path," and "TokenKey." Additionally, it verifies that the response status code is 200.

By analyzing the response, the module determines if the Kavita software is vulnerable to local file inclusion. If the conditions are met, the module reports the vulnerability.

Example HTTP request:

GET /api/image/cover-upload?filename=../appsettings.json

The module matches the following conditions:

- The response body contains the keywords "ConnectionStrings," "Path," and "TokenKey." - The response status code is 200.

If both conditions are met, the module identifies the presence of a local file inclusion vulnerability in the Kavita software.