Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence Oracle
Vulnerability Description
FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler (UploadModel::handleUpload()) is concatenated directly into filesystem paths without any sanitization. An authenticated user with upload permission can exploit this to write files to arbitrary directories on the server, delete arbitrary directories via the post-assembly cleanup, and probe file/directory existence. This issue has been patched in version 3.10.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
FileRise 安全漏洞
Vulnerability Description
FileRise是Ryan个人开发者的一个轻量级、自托管的基于web的文件管理器。 FileRise 1.0.1至3.10.0之前版本存在安全漏洞,该漏洞源于Resumable.js分块上传处理程序中的resumableIdentifier参数未经清理直接拼接至文件系统路径,可能导致具有上传权限的认证用户向服务器任意目录写入文件、删除任意目录以及探测文件或目录存在。
CVSS Information
N/A
Vulnerability Type
N/A