Medium

lollms-webui

Directory Listing via Path Traversal

A vulnerability in lollms-webui versions v9.9 through the latest release allows an attacker to list arbitrary directories on a Windows host. No patch is available yet.

Available publicly on Oct 04 2024

CVSS: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Threat Overview

The vulnerability exists because the 'open_file' endpoint does not properly validate the user-supplied path. An attacker can exploit this flaw by sending a specially crafted HTTP request that makes the server list the contents of an arbitrary directory. This exposes sensitive information (file and directory names) and can aid further attacks.

Attack Scenario

An attacker crafts a malicious HTTP POST request to the 'open_file' endpoint with a payload specifying a directory path, such as 'C:\Users'. Upon sending this request, the server responds with the contents of the specified directory, allowing the attacker to enumerate files and directories on the system.
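As an added illustration (not lollms-webui's own code, which this advisory reports as unpatched), the Python below shows how a handler of this kind can confine a user-supplied path to one configured base directory and refuse payloads such as 'C:\Users'; the handler name, base directory and sample files are assumptions.

```python
"""Illustrative hardening for a path-serving endpoint (added example).

Assumes a hypothetical handler that receives a user-supplied path and
must only expose entries below one configured base directory.
"""
import logging
import tempfile
from pathlib import Path, PurePosixPath, PureWindowsPath

log = logging.getLogger("open_file")


def resolve_within(base: Path, user_path: str) -> Path:
    """Return the on-disk path for user_path, or raise ValueError.

    Rejects absolute paths in Windows or POSIX form (so 'C:\\Users' is
    refused even when the check runs on a Linux host), rejects any '..'
    component, and finally confirms the resolved target is still under
    the resolved base, which also catches symlink escapes.
    """
    win, posix = PureWindowsPath(user_path), PurePosixPath(user_path)
    if win.is_absolute() or posix.is_absolute() or win.drive:
        raise ValueError("absolute paths are not allowed")
    # Treat both separators as separators so 'a\\..\\b' cannot slip past on POSIX.
    parts = [p for p in user_path.replace("\\", "/").split("/") if p not in ("", ".")]
    if ".." in parts:
        raise ValueError("parent-directory components are not allowed")
    root = base.resolve()
    target = root.joinpath(*parts).resolve()
    if target != root and root not in target.parents:
        raise ValueError("path escapes the base directory")
    return target


def list_directory(base: Path, user_path: str) -> list:
    """Handler body: list a directory inside base, never outside it."""
    try:
        target = resolve_within(base, user_path)
    except ValueError as exc:
        # Rejected paths are logged: repeated rejections are a detection signal.
        log.warning("rejected path %r: %s", user_path, exc)
        raise PermissionError("access denied") from exc
    if not target.is_dir():
        raise FileNotFoundError(user_path)
    return sorted(p.name for p in target.iterdir())


def demo() -> dict:
    """Build a constructed base directory and exercise the check."""
    base = Path(tempfile.mkdtemp())
    (base / "docs").mkdir()
    (base / "docs" / "readme.txt").write_text("constructed sample file")
    results = {"docs": list_directory(base, "docs")}
    for payload in ("C:\\Users", "/etc", "..\\..\\Windows", "docs/../../"):
        try:
            list_directory(base, payload)
            results[payload] = "ALLOWED"
        except PermissionError:
            results[payload] = "denied"
    return results
```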

Who is affected

Users running lollms-webui versions v9.9 through the latest release on Windows systems are affected by this vulnerability.
