High

devika

Directory Traversal Vulnerability in Download Endpoint

A directory traversal vulnerability exists in the latest version of the software, allowing attackers to download any file from the system. This issue has not yet been patched.

Available publicly on Jun 27 2024

7.5

CVE:

CVE-2024-5548

CWE:

22:Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Credit:

ranjit-git
AssessDetect

Premium

Remediate
Threat Overview

The vulnerability is due to improper validation of the 'project_name' parameter in the /api/download-project endpoint. An attacker can manipulate the 'project_name' parameter to traverse directories and access arbitrary files on the server. This can lead to unauthorized access to sensitive information and potential data breaches.

Attack Scenario

An attacker sends a GET request to the /api/download-project endpoint with a manipulated 'project_name' parameter, such as '../../../../etc/passwd'. The server processes this request and returns the contents of the specified file, allowing the attacker to download sensitive files from the system.

Who is affected

Users running the latest version of the software with the vulnerable /api/download-project endpoint are affected. This includes any deployments where the endpoint is exposed to untrusted users.

Technical Report
Want more out of Sightline?

Sightline offers even more for premium customers

Go Premium

We have - related security advisories that are available with Sightline Premium.