Traefik's Client Plugin is Vulnerable to Path Traversal, Arbitrary File Overwrites and Remote Code Execution

Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a path traversal vulnerability was discovered in WASM Traefik’s plugin installation mechanism. By supplying a maliciously crafted ZIP archive containing file paths with ../ sequences, an attacker can overwrite arbitrary files on the system outside of the intended plugin directory. This can lead to remote code execution (RCE), privilege escalation, persistence, or denial of service. This is fixed in versions 2.11.28, 3.4.5 and 3.5.0.

N/A

对路径名的限制不恰当(路径遍历)

Traefik 安全漏洞

Traefik是Traefik开源的一款开源的反向代理与负载均衡工具。 Traefik 2.11.27及之前版本、3.0.0至3.4.4版本和3.5.0-rc1版本存在安全漏洞，该漏洞源于WASM插件安装机制存在路径遍历，可能导致任意文件覆盖。

N/A

N/A