CVE-2023-0290 in Velociraptor
Summary
by MITRE • 01/19/2023
Rapid7 Velociraptor did not properly sanitize the client ID parameter to the CreateCollection API, allowing a directory traversal in the location where the collection task could be written. It was possible to provide a client id of "../clients/server" to schedule the collection for the server (as a server artifact), but only require privileges to schedule collections on the client. Normally, to schedule an artifact on the server, the COLLECT_SERVER permission is required. This permission is normally only granted to the "administrator" role. Due to this issue, it is sufficient to have the COLLECT_CLIENT privilege, which is normally granted to the "investigator" role. To exploit this vulnerability, the attacker must already have a Velociraptor user account of at least "investigator" level, and be able to authenticate to the GUI and issue an API call to the backend. Typically, most users deploy Velociraptor with limited access to a trusted group, and most users will already be administrators within the GUI. This issue affects Velociraptor versions before 0.6.7-5. Version 0.6.7-5, released January 16, 2023, fixes the issue.
Analysis
by VulDB Data Team • 04/04/2025
CVE-2023-0290 is a critical directory traversal flaw in the Rapid7 Velociraptor incident response platform that undermines its privilege separation. The CreateCollection API does not sanitize the client ID parameter, so a caller can steer where a collection task is scheduled. Supplying a client ID such as "../clients/server" bypasses the intended access controls and schedules artifacts that run on the server itself. The flaw violates the principle of least privilege and reflects a breakdown in both input validation and access control enforcement.
Exploitation requires an account with at least the investigator role, valid credentials for the graphical user interface, and the ability to call the backend API directly. The COLLECT_CLIENT privilege, which should only permit scheduling collections on client endpoints, is enough to schedule server artifacts that normally require the more privileged COLLECT_SERVER permission. This is a privilege escalation: the attacker raises their effective privileges by manipulating how the API handles the parameter. The vulnerability is classified under CWE-22 (Directory Traversal) and is mapped to ATT&CK technique T1059.001 (command and script interpreter execution), since the attacker can schedule arbitrary server artifacts through the affected endpoint.
The operational impact goes beyond the privilege escalation itself: an investigator-level user can run artifacts against the server component of the deployment, which may expose sensitive server data, allow arbitrary command execution, and compromise the entire incident response platform. All versions prior to 0.6.7-5, released on January 16, 2023, are affected, so organizations running older versions should treat this as a significant concern. Although the flaw requires existing user credentials, it remains serious in environments where Velociraptor is deployed with limited access controls, since many deployments rely on a trusted user group that may already hold administrative privileges. The fix in version 0.6.7-5 addresses the root cause by sanitizing the client ID parameter so that traversal sequences are no longer interpreted as valid target paths, restoring the access control boundary between client and server operations.
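The following Go example is added here and is not taken from Velociraptor's source. It models the flawed check described above: the role check inspects the raw client ID while the storage path is built from it and then cleaned, so "../clients/server" satisfies the client-level check yet resolves to the server's collection directory; the hardened variant allow-lists the ID (the literal "server" or an assumed "C.<hex>" pattern) before either step.

```go
package main

import (
	"errors"
	"fmt"
	"path"
	"regexp"
)

// Perms is the calling user's permission set (constructed for this example).
type Perms struct {
	CollectClient bool // granted to the "investigator" role
	CollectServer bool // granted to the "administrator" role
}

// Assumed client-ID format: "C." followed by hex digits; "server" is handled separately.
var clientIDPattern = regexp.MustCompile(`^C\.[0-9a-f]+$`)

// resolveVulnerable models the flawed logic: the role check looks at the raw
// client ID, but the datastore path is built from it and then cleaned, so
// "../clients/server" passes the client-level check yet lands in the
// server's own collection directory.
func resolveVulnerable(clientID string, p Perms) (string, error) {
	if clientID == "server" {
		if !p.CollectServer {
			return "", errors.New("COLLECT_SERVER required")
		}
	} else if !p.CollectClient {
		return "", errors.New("COLLECT_CLIENT required")
	}
	// path.Join cleans ".." segments:
	// "clients/../clients/server/collections" -> "clients/server/collections".
	return path.Join("clients", clientID, "collections"), nil
}

// resolveHardened allow-lists the client ID before any permission decision
// or path construction, so traversal sequences never reach either.
func resolveHardened(clientID string, p Perms) (string, error) {
	if clientID != "server" && !clientIDPattern.MatchString(clientID) {
		return "", fmt.Errorf("invalid client id %q", clientID)
	}
	return resolveVulnerable(clientID, p)
}

func main() {
	investigator := Perms{CollectClient: true}
	fmt.Println(resolveVulnerable("../clients/server", investigator)) // clients/server/collections <nil>
	fmt.Println(resolveHardened("../clients/server", investigator))   // rejected with an error
}
```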
Organizations should upgrade to Velociraptor version 0.6.7-5 or later without delay, since the patch fixes the input validation issue behind the traversal. Security teams should also monitor for suspicious API usage, particularly around collection scheduling operations, to detect exploitation attempts. The issue underlines the importance of proper input sanitization in web applications and of access control testing that confirms privilege boundaries are actually enforced. Because the vulnerability is exploitable by relatively low-privileged users, organizations should review their access controls and consider additional measures such as API rate limiting and enhanced audit logging to surface anomalous behaviour that may indicate exploitation.