Local File Inclusion in download-project endpoint
A Local File Inclusion vulnerability was discovered in the latest version of the software, allowing attackers to read arbitrary files on the system. This issue has not yet been patched.
Available publicly on Jul 10 2024
Threat Overview
The vulnerability arises from the application's handling of user-supplied input for file paths. Specifically, the application zips all files in a folder specified by the user without proper validation, enabling an attacker to traverse directories and access sensitive files on the system. This can lead to unauthorized access to critical system files and potentially sensitive information.
Attack Scenario
An attacker can exploit this vulnerability by sending a crafted request to the application's API endpoint. For example, by using the command curl http://localhost:1337/api/download-project?snapshot_path=/etc, the attacker can instruct the application to zip and download files from the /etc directory, potentially exposing sensitive configuration files.
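One way to perform the missing path validation before zipping, shown as an added example rather than the application's own code. The base_dir snapshot root, the function names and the exception type are assumptions made for illustration.

```python
import os
import zipfile
from pathlib import Path


class UnsafePathError(ValueError):
    """Raised when a requested path resolves outside the allowed root."""


def resolve_snapshot_dir(base_dir, snapshot_path):
    """Return the real directory for snapshot_path, or raise if it escapes base_dir.

    base_dir is an assumed server-side root under which all snapshots live.
    """
    base = Path(base_dir).resolve(strict=True)
    # Joining with an absolute value such as "/etc" discards base entirely,
    # so the containment check runs on the resolved result, not the raw string.
    candidate = (base / snapshot_path).resolve(strict=True)
    if os.path.commonpath([base, candidate]) != str(base):
        raise UnsafePathError(f"{snapshot_path!r} is outside {base}")
    if not candidate.is_dir():
        raise UnsafePathError(f"{snapshot_path!r} is not a directory")
    return candidate


def zip_snapshot(base_dir, snapshot_path, out_zip):
    """Zip regular files under a validated snapshot directory; return archived names."""
    root = resolve_snapshot_dir(base_dir, snapshot_path)
    names = []
    with zipfile.ZipFile(out_zip, "w", zipfile.ZIP_DEFLATED) as zf:
        for path in sorted(root.rglob("*")):
            real = path.resolve()
            # Skip directories and any symlink whose target leaves the snapshot.
            if not real.is_file() or os.path.commonpath([root, real]) != str(root):
                continue
            arcname = path.relative_to(root).as_posix()
            zf.write(real, arcname)
            names.append(arcname)
    return names
```

Resolving the path first means absolute values, ../ sequences and symlinks are all judged by where they actually point, which is the check the endpoint is described as lacking.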
Who is affected
Users running the latest version of the software are affected. This includes any deployments where the application is accessible over a network, potentially exposing sensitive files to unauthorized users.
Technical Report