CVE-2024-49766 Overview
CVE-2024-49766 is a Path Traversal vulnerability in Werkzeug, the popular Web Server Gateway Interface (WSGI) web application library used extensively in Python web frameworks like Flask. The vulnerability exists in the safe_join() function, which fails to properly validate UNC paths (e.g., //server/share) on Windows systems running Python versions earlier than 3.11.
The root cause lies in the behavior of os.path.isabs() on older Python versions for Windows, which does not recognize UNC paths as absolute paths. Since Werkzeug's safe_join() relies on this check to prevent path traversal attacks, an attacker can potentially bypass the security control and access unintended files or data on the system.
Critical Impact
Applications running on Windows with Python < 3.11 may be vulnerable to unauthorized file access through UNC path manipulation, potentially exposing sensitive data or configuration files.
Affected Products
- Palletsprojects Werkzeug (versions prior to 3.0.6)
- Microsoft Windows (when running Python < 3.11)
- Flask and other Python web frameworks utilizing Werkzeug's safe_join() function
Discovery Timeline
- 2024-10-25 - CVE-2024-49766 published to NVD
- 2025-12-03 - Last updated in NVD database
Technical Details for CVE-2024-49766
Vulnerability Analysis
The vulnerability stems from an inconsistency in how Python's os.path.isabs() function handles UNC paths on Windows across different Python versions. On Python versions prior to 3.11, the ntpath.isabs() function (which os.path.isabs() uses on Windows) does not correctly identify UNC paths like //server/share as absolute paths, returning False when it should return True.
Werkzeug's safe_join() function is designed to safely join untrusted user input to a base directory, preventing path traversal attacks. However, when the security check using os.path.isabs() fails to catch UNC paths, an attacker can supply a path that appears relative but actually points to a completely different location on the network or system.
This vulnerability is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), commonly known as Path Traversal. The attack requires network access but does not require authentication or user interaction, though exploitation complexity is considered high due to the specific environment requirements.
Root Cause
The root cause is a platform-specific inconsistency in Python's path handling on Windows. The ntpath.isabs() function in Python versions before 3.11 does not properly recognize UNC paths (paths starting with // or \\) as absolute paths. Since Werkzeug's security validation relies on this check, the oversight allows malicious paths to bypass the intended security restrictions.
The vulnerable code path occurs when:
- An application uses safe_join() to combine a base directory with user-supplied input
- The user supplies a UNC path (e.g., //attacker-server/share/malicious-file)
- Python's os.path.isabs() incorrectly returns False for this path
- The path passes validation and potentially allows access to unintended locations
Attack Vector
An attacker can exploit this vulnerability by submitting a crafted UNC path to any application endpoint that uses Werkzeug's safe_join() function for file path construction. The attack vector is network-based, typically through HTTP requests to web applications.
For example, if an application serves files from a specific directory using safe_join(), an attacker could request a path like //malicious-server/share/file to potentially access files outside the intended directory or trigger connections to attacker-controlled SMB servers.
# Security patch in src/werkzeug/security.py - Merge commit from fork
if (
any(sep in filename for sep in _os_alt_seps)
or os.path.isabs(filename)
+ # ntpath.isabs doesn't catch this on Python < 3.11
+ or filename.startswith("/")
or filename == ".."
or filename.startswith("../")
):
Source: GitHub Commit Details
Detection Methods for CVE-2024-49766
Indicators of Compromise
- HTTP requests containing UNC-style paths (paths starting with // or \\) in file retrieval parameters
- Unusual SMB connection attempts from web application servers to external or internal network shares
- Access log entries showing path patterns like //server/share in URL parameters or request bodies
- Failed file access attempts with network path errors in application logs
Detection Strategies
- Implement web application firewall (WAF) rules to detect and block requests containing UNC path patterns in user input
- Configure intrusion detection systems (IDS) to alert on outbound SMB connections from web servers
- Add application-level logging for all safe_join() operations to capture attempted path manipulations
- Deploy file integrity monitoring on directories served by the application to detect unauthorized access patterns
Monitoring Recommendations
- Monitor outbound network connections from web application servers, especially SMB/CIFS traffic on ports 445 and 139
- Review application access logs for requests containing double forward slashes or backslashes in path parameters
- Set up alerts for repeated failed file access attempts that may indicate exploitation attempts
- Track dependency versions in your applications to ensure Werkzeug is updated to version 3.0.6 or later
How to Mitigate CVE-2024-49766
Immediate Actions Required
- Upgrade Werkzeug to version 3.0.6 or later, which contains the security patch for this vulnerability
- Audit all applications using Werkzeug to identify those running on Windows with Python < 3.11
- Consider upgrading Python to version 3.11 or later on Windows systems as an additional defense layer
- Review application code for custom implementations of path joining that may have similar vulnerabilities
Patch Information
The Werkzeug development team has released version 3.0.6 which addresses this vulnerability. The patch adds an explicit check for paths starting with / to catch UNC paths that ntpath.isabs() misses on older Python versions. The fix is available through the official Werkzeug repository and PyPI.
For detailed patch information, refer to:
Workarounds
- Upgrade Python to version 3.11 or later on Windows systems, which correctly identifies UNC paths as absolute
- Implement additional input validation at the application level to reject paths containing // or \\ prefixes
- Use network segmentation to prevent web application servers from initiating outbound SMB connections
- Deploy a web application firewall with rules to block UNC path patterns in user-supplied input
# Configuration example - Upgrade Werkzeug using pip
pip install --upgrade werkzeug>=3.0.6
# Verify the installed version
pip show werkzeug | grep Version
# For requirements.txt, specify minimum version
echo "werkzeug>=3.0.6" >> requirements.txt
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
