CVE-2026-54352 in budibase

Summary

by MITRE • 06/27/2026

Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packages/server/src/api/routes/static.ts:24 accepts a builder-uploaded .zip, extracts it with [email protected] into a temp directory, then for each entry listed in icons.json validates the icon path, opens it, and streams the bytes into MinIO. The resulting object is served back via GET /api/assets/{appId}/pwa/{uuid}.png. [email protected] preserves absolute symlink targets when restoring symlink entries. The icon-source validator at packages/server/src/api/controllers/static/index.ts:259-268 resolves the icon source string against baseDir (path.resolve), checks resolvedSrc.startsWith(baseDir + path.sep) against that string, and calls fs.existsSync(resolvedSrc) which follows symbolic links to confirm the target exists. None of the three calls reject symbolic-link entries. packages/backend-core/src/objectStore/objectStore.ts:302 then calls (await fsp.open(path)).createReadStream() on the resolved path. fsp.open follows the symlink, the target file's bytes stream into MinIO, and the response of the asset-fetch endpoint returns those bytes verbatim. Result: a workspace-level builder reads any file the server process can open. This vulnerability is fixed in 3.39.9.


Analysis

by VulDB Data Team • 06/27/2026

This vulnerability exists in Budibase's open-source low-code platform, where the static API endpoint POST /api/pwa/process-zip processes uploaded zip files containing icon assets for progressive web applications. The flaw stems from improper handling of symbolic links during extraction: the [email protected] library preserves absolute symlink targets when restoring symlink entries, and none of the controls downstream of the extractor validate or reject symbolic-link entries in the file-processing pipeline.

The weakness is a multi-step path-validation failure. The system accepts arbitrary zip uploads and extracts them into a temporary directory without sanitizing symbolic links. When processing icons.json entries, the validation logic at lines 259-268 of packages/server/src/api/controllers/static/index.ts resolves each icon source against baseDir with path.resolve(), but path.resolve() only normalizes the string lexically and never resolves symlinks, so it cannot detect a link entry. The validator then checks that resolvedSrc starts with baseDir + path.sep and confirms the file exists with fs.existsSync(), which follows symbolic links to the target. A symlink whose target lies outside the intended directory therefore passes every check and is accepted as a valid path.

The operational impact is severe: a workspace-level builder user can read any file the server process has permission to open, effectively creating a privilege escalation scenario. When the system subsequently opens the file for streaming into MinIO storage via fsp.open().createReadStream(), the filesystem resolves the symlink and streams the contents of the target file rather than the intended icon asset. The asset-fetch endpoint then returns those bytes verbatim. This is a direct information disclosure vulnerability through which sensitive data on the server's filesystem could be exfiltrated, potentially including configuration files, credentials, or other artifacts accessible to the application process.

The vulnerability aligns with CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) and CWE-59 (Improper Link Resolution), and shows characteristics consistent with ATT&CK techniques T1083 (File and Directory Discovery) and T1566 (Phishing). The root cause is the absence of symlink validation and of restrictive path validation that would prevent absolute symbolic links from being processed. The fix in version 3.39.9 ensures that symbolic-link entries are rejected during extraction, preventing escalation of privilege through crafted zip archives containing symbolic links to sensitive system files.

Mitigations for this class of vulnerability include validating symlinks during file extraction, rejecting absolute symbolic links entirely, and enforcing strict path validation that prevents traversal. Organizations should ensure that file-processing pipelines validate not only that a file exists but also where a symbolic link actually points. The fix demonstrates the importance of comprehensive input validation in file handling and of considering edge cases, such as symbolic links, that bypass purely lexical path checks.

Responsible: GitHub M
Reservation: 06/12/2026
Disclosure: 06/27/2026
Moderation: accepted
CPE: ready
EPSS: 0.00000
KEV: no
Activities: very low
