CVE-2024-6782: 
calibre vulnerability analysis and mitigation

Calibre versions 6.9.0 through 7.14.0 contain an improper access control vulnerability that allows unauthenticated attackers to achieve remote code execution through the content server feature. The vulnerability was discovered in July 2024 and was assigned CVE-2024-6782. The issue affects the content server functionality in Calibre, a popular cross-platform e-book management software (STAR Labs).

The vulnerability exists in the cmd_list.py file that is called by the cdb.py router. The issue stems from insufficient access control checks and improper input sanitization of user-supplied templates. When processing requests to /cdb/cmd/list, the server allows template execution without proper authentication. The vulnerability has received a CVSS v3.1 base score of 9.8 (Critical) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network accessibility, low attack complexity, and no required privileges or user interaction (STAR Labs).

If exploited, this vulnerability allows attackers to execute arbitrary code on the target system with the privileges of the Calibre server process. The impact is particularly severe as it requires no authentication in default configurations and can be exploited remotely, potentially leading to complete system compromise (STAR Labs).

The vulnerability has been fixed in version 7.16.0 through a commit that disallows template usage when connecting to remote servers. Users should upgrade to this version or later. If upgrading is not immediately possible, it is recommended to ensure proper access controls are implemented and the server is not exposed publicly. If public exposure is necessary, access should be restricted to highly privileged users only (GitHub Commit).