CVE-2024-56113

CVE-2024-56113 is a vulnerability in Smart Toilet Lab - Motius version 1.3.11, a Django-based application. The issue stems from the application running with debug mode enabled (DEBUG = True), which causes verbose error pages to expose sensitive information defined in the Django settings file. This misconfiguration is mapped to CWE-922 and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no integrity or availability effects.

Unauthenticated remote attackers can exploit this vulnerability over the network with low attack complexity and no user interaction required. By triggering an error condition that generates a verbose error page, attackers gain access to sensitive Django settings data, such as configuration secrets, potentially enabling further compromise like unauthorized access to backend systems or data exfiltration.

Advisories and additional details are available in the GitHub repository at https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2024-56113 and on the vendor site at https://www.motius.com/. Specific mitigation steps, such as disabling debug mode or applying patches, are not detailed in the core CVE information provided.