📄 Description (English)
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files.
🤖 AI Executive Summary
CVE-2020-37214 is a directory traversal vulnerability in Voyager 1.3.0 that allows unauthenticated attackers to read arbitrary files including sensitive system configurations and credentials through the /admin/voyager-assets endpoint. With a CVSS score of 7.5, this vulnerability poses a significant risk to organizations using Voyager for content management, potentially exposing database credentials, API keys, and system information. Immediate patching is critical as the vulnerability requires minimal technical sophistication to exploit.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: May 1, 2026 11:01
🇸🇦 Saudi Arabia Impact Assessment
Saudi organizations using Voyager CMS for government portals, banking websites, healthcare information systems, and e-commerce platforms are at significant risk. Government agencies under NCA oversight, SAMA-regulated financial institutions, and healthcare providers managing patient data face critical exposure of sensitive information. Telecommunications companies and energy sector organizations using Voyager for administrative interfaces could have their infrastructure credentials compromised. The vulnerability's ability to expose .env files containing database credentials and API keys makes it particularly dangerous for organizations handling Saudi citizen data subject to PDPL compliance requirements.
🏢 Affected Saudi Sectors
Government
Banking and Financial Services
Healthcare
Energy and Utilities
Telecommunications
E-commerce
Education
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
8.2
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all systems running Voyager 1.3.0 and isolate them from production networks if possible
2. Review access logs for /admin/voyager-assets endpoint for suspicious path traversal attempts (patterns like ../, ..\, encoded variants)
3. Assume compromise of any .env files and database credentials — rotate all database passwords, API keys, and service account credentials immediately
4. Check for unauthorized access to /etc/passwd, /etc/shadow, configuration files, and application source code
PATCHING:
1. Upgrade Voyager to version 1.3.1 or later immediately
2. Apply vendor security patches through your package manager (composer update voyager)
3. Verify patch installation by confirming version number and checking for path traversal filtering in asset handling code
COMPENSATING CONTROLS (if immediate patching impossible):
1. Implement Web Application Firewall (WAF) rules to block requests containing ../, ..\, %2e%2e, and URL-encoded traversal sequences to /admin/voyager-assets
2. Restrict /admin/voyager-assets endpoint to specific IP ranges and require additional authentication
3. Disable directory listing and implement strict file access controls
4. Move sensitive configuration files (.env) outside web root
DETECTION:
1. Monitor for HTTP requests to /admin/voyager-assets with path traversal patterns
2. Alert on access attempts to sensitive files: /etc/passwd, /etc/shadow, .env, config files
3. Log and review all 200 responses from /admin/voyager-assets endpoint
4. Implement IDS/IPS signatures for directory traversal attacks (CWE-22)
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. تحديد جميع الأنظمة التي تعمل بـ Voyager 1.3.0 وعزلها عن شبكات الإنتاج إن أمكن
2. مراجعة سجلات الوصول لنقطة النهاية /admin/voyager-assets للبحث عن محاولات اجتياز مريبة (أنماط مثل ../ و ..\)
3. افترض اختراق ملفات .env وبيانات اعتماد قاعدة البيانات — قم بتدوير جميع كلمات مرور قواعد البيانات ومفاتيح API فوراً
4. تحقق من الوصول غير المصرح به إلى /etc/passwd والملفات الحساسة الأخرى
التصحيح:
1. قم بترقية Voyager إلى الإصدار 1.3.1 أو أحدث فوراً
2. طبق تصحيحات الأمان من خلال مدير الحزم (composer update voyager)
3. تحقق من تثبيت التصحيح بتأكيد رقم الإصدار والتحقق من تصفية اجتياز المسار
الضوابط البديلة:
1. تطبيق قواعد جدار حماية تطبيقات الويب لحجب الطلبات التي تحتوي على أنماط اجتياز المسار
2. تقييد نقطة النهاية /admin/voyager-assets على نطاقات IP محددة
3. تعطيل قائمة المجلدات وتطبيق ضوابط وصول صارمة
4. نقل ملفات التكوين الحساسة خارج جذر الويب
الكشف:
1. مراقبة طلبات HTTP إلى /admin/voyager-assets بأنماط اجتياز المسار
2. تنبيهات محاولات الوصول إلى الملفات الحساسة
3. تسجيل ومراجعة جميع الاستجابات من نقطة النهاية
4. تطبيق توقيعات IDS/IPS لهجمات اجتياز المجلدات
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
A.5.1.1 - Information security policies and procedures
A.6.1.1 - Access control policy
A.8.1.1 - Asset management policy
A.12.2.1 - Change management procedures
A.12.6.1 - Management of technical vulnerabilities
🔵 SAMA CSF
ID.AM-2 - Software inventory and management
PR.AC-1 - Access control policy and procedures
PR.PT-2 - Removable media protection
DE.CM-1 - Network monitoring
RS.MI-2 - Incident response and management
🟡 ISO 27001:2022
A.5.1 - Management direction for information security
A.6.1 - Internal organization
A.8.1 - Asset responsibility
A.12.2 - Change management
A.12.6 - Management of technical vulnerabilities
A.14.2 - Development and change management
🟣 PCI DSS v4.0.1
Requirement 2.2 - Configuration standards
Requirement 6.2 - Security patches
Requirement 6.5.1 - Injection flaws
Requirement 11.2 - Vulnerability scanning
🔗 References & Sources 5
🔗
🔗
🔗
🔗
🔗
https://github.com/the-control-group/voyager/releases/tag/v1.2.7
disclosure@vulncheck.com
https://github.com/the-control-group/voyager/releases/tag/v1.3.0
disclosure@vulncheck.com
https://voyager.devdojo.com/
disclosure@vulncheck.com
https://www.exploit-db.com/exploits/47875
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/voyager-directory-traversal
disclosure@vulncheck.com