Path Traversal Vulnerability in Settings
A path traversal vulnerability was identified in the settings function of the affected software version, allowing attackers to manipulate the database path. This issue was patched in version 9.5.1.
Available publicly on Jul 20 2024 | Available with Premium on Jun 23 2024
Threat Overview
The vulnerability arises because the settings function does not validate or sanitize the 'discussion_db_name' parameter before using it to build the database path. An attacker who controls that value can traverse out of the intended database directory and potentially write to critical system folders, exposing the system to unauthorized file access and modification.
Attack Scenario
An attacker could exploit this vulnerability by sending a crafted HTTP request to the '/apply_settings' endpoint with a malicious 'discussion_db_name' value. This would allow the attacker to change the database path to a location of their choosing, potentially overwriting important system files or gaining unauthorized access to sensitive data.
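To make the defect concrete, the following added example (not the affected project's code) contrasts the unvalidated join the advisory describes with a hardened handler for the same setting. The base directory, the allowlist pattern and the function names are assumptions for illustration; only the 'discussion_db_name' parameter comes from the advisory.

```python
import re
from pathlib import Path

# Assumed base directory for discussion databases (hypothetical: the advisory
# names only the 'discussion_db_name' setting and the '/apply_settings' endpoint).
DB_ROOT = Path("/var/lib/app/databases")
# Allowlist for a database name: one filename component, optional ".db" suffix.
_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]{0,63}(\.db)?")


class InvalidDatabaseName(ValueError):
    """Raised when a submitted discussion_db_name is rejected."""


def vulnerable_db_path(discussion_db_name: str) -> Path:
    # The pattern the advisory describes: the submitted name is joined to the
    # base directory with no validation. '..' segments walk out of DB_ROOT and,
    # with pathlib, an absolute name replaces DB_ROOT entirely.
    return DB_ROOT / discussion_db_name


def escapes_root(path: Path, root: Path = DB_ROOT) -> bool:
    # Normalise '..' and symlinks before comparing. A plain string-prefix check
    # on the unnormalised path would wrongly accept "<root>/../../etc/x".
    # Equality with the root itself also counts as escaping: a database file
    # must sit below the root, never be the root directory.
    return root.resolve() not in path.resolve().parents


def safe_db_path(discussion_db_name: str) -> Path:
    # Hardened handler: the setting must match the allowlist, so separators,
    # '..', NUL bytes and absolute paths never reach the filesystem layer.
    if not _NAME_RE.fullmatch(discussion_db_name):
        raise InvalidDatabaseName(f"rejected discussion_db_name: {discussion_db_name!r}")
    candidate = DB_ROOT / discussion_db_name
    # Defence in depth: re-check the resolved location even though the
    # allowlist already excludes every separator.
    if escapes_root(candidate):
        raise InvalidDatabaseName(f"path escapes database root: {discussion_db_name!r}")
    return candidate


def is_accepted(discussion_db_name: str) -> bool:
    # Convenience wrapper for tests and logging: True when the value would be
    # stored, False when the hardened handler rejects it.
    try:
        safe_db_path(discussion_db_name)
        return True
    except InvalidDatabaseName:
        return False
```

Logging rejected values from `safe_db_path` at the '/apply_settings' handler gives a simple detection signal for probing of this parameter.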
Who is affected
Users running the affected version of the software who expose the settings endpoint to untrusted networks are at risk. This includes administrators and users who have not yet updated to the patched version 9.5.1.