Affil.io Extension Sandbox Arbitrary File Read via simpleHttpClient

Vulnerability Overview Vulnerability Name: Arbitrary File Read and Exfiltration via Extension Script Vulnerability Description: An fully functional HTTP client, , is injected into the scope of each extension script within the extension sandbox. The method accepts an arbitrary file system path as its parameter, reading the file content using without path validation, directory restrictions, or whitelisting. Malicious extension scripts can read any file accessible by the JVM process user and exfiltrate them via HTTP POST to a server controlled by the attacker. Impact Scope Affected Versions: ≤ 2.0-M5-2509-1 Fixed Version: 2.0-M5-2606 CVSS Score: 4.9 / 10 Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None Remediation Fixed Version: 2.0-M5-2606 Vulnerability Details Background allows administrators to upload server-side JavaScript extensions executed by the Mozilla Rhino engine. The extension sandbox utilizes AST validation, , and runtime wrappers to restrict Java interoperability. However, a fully functional HTTP client, , is injected into the scope of every extension script to support legitimate webhook and API integration use cases. Root Cause The method is intended to upload local files to a remote URL. It accepts a parameter as a plain string representing a file system path and opens it using . No Path Validation: Accepts any absolute or relative path. No Directory Restrictions: Files are not required to reside within a specific directory. No Whitelist: There is no check against an allowed list of file paths or extensions. No Sandboxing: operates in the main JVM context, not within the Rhino sandbox. Scope Injection is instantiated and placed on a sealed (shared) scope during the initialization of : Every extension script, regardless of the event type it handles, has access to this object. The underlying is created in without any egress URL restrictions: Proof of Concept (POC) Extension Script Attacker Listener Expected Output Impact An authenticated administrator can read any file accessible by the JVM process user, including: - Database Credentials: Extracted from or environment variables, enabling direct database access and full exfiltration of customer PII, payment records, and ticket data. - TLS Private Keys: Enables man-in-the-middle attacks against encrypted connections. - SSH Private Keys: Enables lateral movement to other systems. - Cloud Credentials: Extracted from environment variables or instance metadata configuration files. - Application Secrets: Extracted from secrets in configuration files (S3 credentials, API keys, webhook keys).

Goal Reached Thanks to every supporter — we hit 100%!

Affil.io Extension Sandbox Arbitrary File Read via simpleHttpClient

More from this source