Arbitrary File Read and Write via Snapshot Recovery
This vulnerability allows for arbitrary file read and write during the snapshot recovery process in qdrant/qdrant version 1.9.0-dev. It was patched in version 1.9.0. The issue arises from improper handling of symlinks within snapshot files, enabling attackers to manipulate the recovery process to access or modify files on the server.
Available publicly on Jun 03 2024 | Available with Premium on Apr 15 2024
Threat Overview
The vulnerability stems from the snapshot recovery mechanism in qdrant/qdrant, which fails to properly validate input, specifically symlinks within snapshot archives. For reading, an attacker can add a symlink pointing to any file on the filesystem, which gets included in a new snapshot of the recovered collection. For writing, an attacker can exploit the predictable naming convention of directories during the unpacking of .tar
files to redirect the extraction process to arbitrary locations, allowing for file write or overwrite. This can lead to information disclosure, data corruption, or even remote code execution if system binaries or scripts are targeted.
Attack Scenario
An attacker first creates a malicious snapshot containing symlinks to target files or directories for reading or writing. They then upload this snapshot to the vulnerable qdrant instance, triggering the recovery process. For reading, the contents of the symlinked file are included in a new snapshot created for the recovered collection. For writing, the attacker's payload within a .tar
file is extracted to the symlinked location, potentially overwriting critical files or deploying malicious scripts.
Who is affected
Any instance of qdrant/qdrant version 1.9.0-dev that allows users to upload and recover collections from snapshots is vulnerable. This primarily affects server administrators and potentially any user with access to the qdrant service, depending on the permissions required to upload snapshots.
Technical Report
Want more out of Sightline?
Sightline offers even more for premium customers
Go Premium
We have - related security advisories that are available with Sightline Premium.