Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GrowthBook account creation and file upload vulnerability in self-hosted configurations
Vulnerability Description
GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the right location, they can execute arbitrary code within the container. To be affected, ALL of the following must be true: Self-hosted deployment (GrowthBook Cloud is unaffected); using local file uploads (as opposed to S3 or Google Cloud Storage); NODE_ENV set to a non-production value and JWT_SECRET set to an easily guessable string like `dev`. This issue is patched in commit 1a5edff8786d141161bf880c2fd9ccbe2850a264 (2022-08-29). As a workaround, set `JWT_SECRET` environment variable to a long random string. This will stop arbitrary file uploads, but the only way to stop attackers from registering accounts is by updating to the latest build.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
路径遍历:’../filedir’
Vulnerability Title
GrowthBook 路径遍历漏洞
Vulnerability Description
GrowthBook是GrowthBook开源的一个开源功能标记和 A/B 测试平台。 GrowthBook 2022-08-29之前版本存在路径遍历漏洞,该漏洞源于一些自托管配置,攻击者利用该漏洞可以注册新帐户并将文件上传到容器内的任意目录。
CVSS Information
N/A
Vulnerability Type
N/A