Local File Inclusion Vulnerability in WordPress Plugin

CVE-2020-37246: A Critical Local File Inclusion Vulnerability

The web is constantly evolving, and so are the threats to server security. One such recent threat is the CVE-2020-37246 vulnerability found in the Supsystic Backup plugin for WordPress. This vulnerability allows unauthorized users to exploit local file inclusion (LFI), posing significant risks to web server operators and hosting providers alike.


Understanding the Vulnerability

The Supsystic Backup plugin version 2.3.9 contains an LFI vulnerability that can be abused to access and delete files on the server. Attackers manipulate the download path parameter in admin.php requests with directory traversal sequences, which lets them reach files outside the intended backup directory. Sensitive files such as /etc/passwd become readable, exposing data that can be used to gain further access to the server.

Why This Matters for System Administrators

For system administrators, this vulnerability is a wake-up call to assess their server security protocols. Not only does it highlight the importance of regularly updating plugins, but it also emphasizes the need for robust malware detection and web application firewalls (WAFs). Hosting providers must ensure their clients are aware and prepared for such vulnerabilities, as they could lead to data breaches and server compromise.

Mitigation Steps

Here are practical steps to combat this vulnerability:

  • Update the Supsystic Backup plugin to its latest version.
  • Restrict access to admin.php files to authorized users only.
  • Sanitize all user inputs to prevent unauthorized file manipulations.
  • Regularly review server logs for unusual activity and potential brute-force attacks.
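The two technical items in the list above, sanitizing the download path parameter and reviewing logs for traversal attempts, are shown below as an added example. This is not code from the post or from the Supsystic plugin; it is written in Python for demonstration (the plugin itself is PHP), and the parameter name `download`, the `page=supsystic-backup` query value, the backup directory path and the three access-log lines are all constructed assumptions, not values taken from the vulnerable plugin.

```python
import os
import re
from urllib.parse import parse_qs, unquote

# Hypothetical backup directory; the plugin's real storage path is not given in the post.
BACKUP_DIR = "/var/www/html/wp-content/uploads/backup-supsystic"


def resolve_download_path(base_dir, requested):
    """Return the absolute file path for `requested` only if it stays inside
    base_dir; return None for anything that escapes. A download (or delete)
    handler must run this check before touching the file."""
    # Decode twice so both %2e%2e%2f and %252e%252e%252f become "../".
    candidate = unquote(unquote(requested))
    if "\x00" in candidate:          # reject NUL-byte truncation tricks
        return None
    base = os.path.realpath(base_dir)
    # os.path.join drops base_dir when candidate is absolute, so a request
    # such as /etc/passwd resolves outside base and is rejected below.
    resolved = os.path.realpath(os.path.join(base, candidate))
    if resolved == base or os.path.commonpath([base, resolved]) != base:
        return None
    return resolved


# Combined-format access-log line: client, timestamp, request line, status code.
LOG_LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def is_traversal_value(value):
    """True if a query value (already URL-decoded once) contains a '..' path
    segment or is an absolute path, after one more decode for double encoding."""
    decoded = unquote(value).replace("\\", "/")
    return ".." in decoded.split("/") or decoded.startswith("/")


def find_traversal_requests(log_text):
    """Scan access-log text for admin.php requests whose query parameters carry
    directory traversal; return one record per offending parameter."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE_RE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        if not path.endswith("admin.php"):
            continue
        # parse_qs performs the first URL decode of every value.
        for name, values in parse_qs(query, keep_blank_values=True).items():
            for value in values:
                if is_traversal_value(value):
                    hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                                 "param": name, "value": value,
                                 "status": m.group("status")})
    return hits


# Constructed sample log: one legitimate download, one plain traversal that the
# vulnerable version served with 200, and one URL-encoded attempt that was blocked.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2024:12:00:01 +0000] "GET /wp-admin/admin.php?page=supsystic-backup&download=2024-03-backup.zip HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2024:12:00:07 +0000] "GET /wp-admin/admin.php?page=supsystic-backup&download=../../../../etc/passwd HTTP/1.1" 200 1840 "-" "curl/7.88"
198.51.100.2 - - [10/Mar/2024:12:00:09 +0000] "GET /wp-admin/admin.php?page=supsystic-backup&download=..%2F..%2Fwp-config.php HTTP/1.1" 403 0 "-" "python-requests/2.31"
"""

if __name__ == "__main__":
    for req in ("2024-03-backup.zip", "../../../../etc/passwd", "/etc/passwd"):
        print(f"{req!r:32} -> {resolve_download_path(BACKUP_DIR, req)}")
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(f"{hit['ip']} {hit['param']}={hit['value']!r} status={hit['status']}")
```

Two points worth noting when adapting this. The path check resolves symlinks and `..` with `realpath` before comparing against the base directory, which is what a simple substring filter for `../` misses (double encoding, backslashes, absolute paths). In the log scan, a traversal request on an unpatched host returns 200, not 4xx, so filter on the decoded parameter value rather than on the status code; the status is only useful afterwards to tell a successful read from a blocked attempt.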

Strengthen Your Server Security Today

In light of recent LFI vulnerabilities, it's essential to enhance your server's security posture. Consider implementing solutions that provide comprehensive server protection. Try BitNinja’s free 7-day trial and explore how it can proactively protect your infrastructure against these evolving threats.

2025 BitNinja. All Rights reserved.