Directory Traversal Vulnerability in Download Endpoint
A directory traversal vulnerability exists in the latest version of the software, allowing attackers to download any file from the system. This issue has not yet been patched.
Available publicly on Jun 27 2024 | Available with Premium on Jun 08 2024
Threat Overview
The vulnerability is due to improper validation of the 'project_name' parameter in the /api/download-project endpoint. An attacker can manipulate the 'project_name' parameter to traverse directories and access arbitrary files on the server. This can lead to unauthorized access to sensitive information and potential data breaches.
Attack Scenario
An attacker sends a GET request to the /api/download-project endpoint with a manipulated 'project_name' parameter, such as '../../../../etc/passwd'. The server processes this request and returns the contents of the specified file, allowing the attacker to download sensitive files from the system.
Who is affected
Users running the latest version of the software with the vulnerable /api/download-project endpoint are affected. This includes any deployments where the endpoint is exposed to untrusted users.
Technical Report
Want more out of Sightline?
Sightline offers even more for premium customers
Go Premium
We have - related security advisories that are available with Sightline Premium.