Medium

quivr

Path Traversal in File Upload Functionality

A path traversal vulnerability in the latest version of the software allows attackers to upload files to arbitrary paths in the S3 bucket. This issue has not yet been patched.

Available publicly on Jul 12 2024

4.3

CVSS:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Credit:

d47secc
Threat Overview

The vulnerability exists in the file upload functionality, where the application fails to properly sanitize the file path provided by the user. This allows an attacker to traverse directories and upload files to arbitrary locations within the S3 bucket. The impact of this vulnerability includes unauthorized file uploads, potential overwriting of existing files, and creation of new directories.

Attack Scenario

An attacker can exploit this vulnerability by crafting a malicious file upload request with a specially crafted file path. For example, by including '../' sequences in the filename, the attacker can navigate to parent directories and upload files to unintended locations within the S3 bucket. This could lead to unauthorized data access or modification.

Who is affected

Users of the latest version of the software who utilize the file upload functionality are affected by this vulnerability. This includes any deployment where the application interacts with an S3 bucket for file storage.

Technical Report
Want more out of Sightline?

Sightline offers even more for premium customers

Go Premium

We have - related security advisories that are available with Sightline Premium.