Talos Vulnerability Report

TALOS-2024-2059

Veertu Anka Build registry archive files directory traversal vulnerability

October 3, 2024

CVE Number

CVE-2024-41163

SUMMARY

A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to exploit this vulnerability.

CONFIRMED VULNERABLE VERSIONS

The versions below were either tested or verified to be vulnerable by Talos or confirmed to be vulnerable by the vendor.

Veertu Anka Build 1.42.0

PRODUCT URLS

Anka Build – https://veertu.com/anka-build/

CVSSv3 SCORE

7.5 – CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-22 – Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)

DETAILS

Anka Build is a suite of software tools designed for macOS virtualization, specifically for testing macOS or iOS applications in CI/CD environments. The suite comprises three main components: Controller, Registry, and Nodes. Anka Build Controller is a centralized dashboard for managing nodes, VM instances, templates, tags, and logs. Anka Build Registry serves as the central repository for macOS VM templates and tags, facilitating easy access and version control. Anka Build Nodes are macOS hosts that run on-demand VM instances.

The default installation of the Controller LaunchDaemon runs on port 80 and the Registry LaunchDaemon runs on port 8089. A…
