| عنوان | MoneyPrinterTurbo GitHub Repository MoneyPrinterTurbo 1.2.6 Arbitrary File Write |
|---|
| الوصف | A critical severity path traversal vulnerability exists in the music upload API endpoint (POST /api/v1/musics) of the application.
The root cause of this vulnerability is the backend service's failure to adequately validate and sanitize the user-submitted filename parameter within multipart/form-data requests. An attacker can craft a filename containing path traversal sequences (../) and an absolute path to bypass the application's intended file storage directory restrictions.
This allows a remote, authenticated attacker to write a file with arbitrary content to an arbitrary location on the server's filesystem. In the provided proof-of-concept, the attacker writes a malicious cron job to the highly sensitive /etc/cron.d/ directory. For this specific exploit vector to succeed, the cron service must be installed and running on the target server. An active cron service will execute tasks in this directory with root privileges, allowing the attacker to achieve full Remote Code Execution (RCE) within one minute and leading to a complete compromise of the victim server. |
|---|
| المصدر | ⚠️ https://www.notion.so/Arbitrary-File-Write-Vulnerability-in-MoneyPrinterTurbo-1-2-6-288014c4d9ca809bb411e4fe875d1e22 |
|---|
| المستخدم | xuanSAMA (UID 73290) |
|---|
| ارسال | 10/10/2025 07:41 AM (8 أشهر منذ) |
|---|
| الاعتدال | 10/10/2025 03:35 PM (8 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 327929 [harry0703 MoneyPrinterTurbo حتى 1.2.6 API Endpoint music.py upload_music ملف اجتياز الدليل] |
|---|
| النقاط | 17 |
|---|