Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Rasterbar libtorrent库目录遍历漏洞
Vulnerability Description
libtorrent是很多桌面应用和嵌入式设备都在使用的开源C++ bittorrent库 。 libtorrent没有正确的过滤多文件模式的路径名,在src/torrent_info.cpp中对目录组件所执行的唯一检查就是对".."的检查: 184:for (int i = 0, end(p->list_size()); i < end; ++i) 185:{ 186:if (p->list_at(i)->type() != lazy_entry::string_t) 187:return false;
CVSS Information
N/A
Vulnerability Type
N/A