Submit #573678: Kingdee Cloud-Starry-Sky Enterprise Edition V8.2 Directory Traversal and Arbitrary File Reading Vulnerability

Title: Kingdee Cloud-Starry-Sky Enterprise Edition V8.2 Directory Traversal and Arbitrary File Reading Vulnerability
Description:
1. Vulnerability name: Directory traversal and arbitrary file read in the IIS-K3CloudMiniApp component of Kingdee Cloud-Starry-Sky Enterprise Edition
2. Contributor and submitter: caichaoxiong
3. Severity: High
4. Description: The IIS-K3CloudMiniApp component of Kingdee Cloud-Starry-Sky Enterprise Edition does not adequately restrict user-supplied file paths, which gives rise to path traversal and arbitrary file read. By placing traversal sequences such as ../../ or ..\..\ in a path parameter, an attacker can escape the directory the application intends to serve from and read arbitrary files on the application host, leading to large-scale disclosure of sensitive information.
5. Remediation:
(1) Reject traversal sequences: filter user-supplied path parameters at the code level, refusing ../ and ..\ as well as their encoded forms (URL-encoded %2e%2e and overlong UTF-8 %c0%ae, including double-encoded variants). This is a denylist and must not be the only control.
(2) Allowlist: define the file paths or extensions that may be served, for example only .jpg and .pdf business files inside the designated directory. Prefer handing out server-generated file IDs and resolving them to paths server-side instead of exposing file paths in request parameters, so the path cannot be tampered with at all.
(3) Least privilege on the file system: run the web application under an account that can read only the business directories (the submitter's example is /var/www/html) and is denied read access to system files such as /etc/passwd. The examples are Unix paths; on the IIS host implied by the component name the same restriction applies to what the worker-process account may read.
(4) Canonicalize, then check: normalize the user-supplied path, resolve it to an absolute path, and verify that the result lies within the allowed directory before opening it. This containment check is the decisive fix; (1) to (3) are defense in depth around it.
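The following is an added example illustrating remediation steps (1), (2) and (4) above; it is not code from the advisory or from Kingdee, and the document root (/srv/k3cloud/files), the extension allowlist and the sample inputs are assumptions constructed for the demonstration. It places the denylist regex from step (1) next to a canonicalize-then-contain check, and runs both over constructed traversal payloads in the plain, backslash, URL-encoded, double-encoded and overlong-UTF-8 forms named in the description.

```python
"""Added example: canonicalize-then-contain check for a user-supplied file path,
next to the denylist regex it should replace. Document root, extensions and sample
inputs are constructed for this example and are not from the advisory."""
import posixpath
import re
from typing import Optional
from urllib.parse import unquote_to_bytes

# Hypothetical document root and extension allowlist (assumption, not from the page).
BASE_DIR = "/srv/k3cloud/files"
ALLOWED_EXT = {".jpg", ".pdf"}

# Overlong UTF-8 forms of '.' and '/' that lenient decoders accept as the ASCII character.
OVERLONG = {b"\xc0\xae": b".", b"\xc0\xaf": b"/"}


def denylist_filter(raw: str) -> bool:
    """Weak fix: accept the input when the literal '../' is absent. Mirrors the
    regex half of remediation step (1); kept here to show what it misses."""
    return re.search(r"\.\./", raw) is None


def decode_path(raw: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable (defeats double encoding such as %252e) and fold
    overlong UTF-8 sequences, so later checks see the bytes the OS would see."""
    data = raw.encode("utf-8", "surrogateescape")
    for _ in range(max_rounds):
        decoded = unquote_to_bytes(data)
        if decoded == data:
            break
        data = decoded
    for overlong, ascii_form in OVERLONG.items():
        data = data.replace(overlong, ascii_form)
    return data.decode("utf-8", "replace")


def resolve_safe(raw: str, base_dir: str = BASE_DIR,
                 allowed_ext=frozenset(ALLOWED_EXT)) -> Optional[str]:
    """Remediation steps (2) and (4): decode, normalize, resolve against base_dir,
    and return the absolute path only if it stays inside base_dir and carries an
    allowed extension. Returns None for anything that must be refused."""
    decoded = decode_path(raw).replace("\\", "/")   # Windows separators count as separators
    if "\x00" in decoded:                            # NUL would truncate the path in C APIs
        return None
    base = posixpath.normpath(base_dir)
    # join() discards base when the input is absolute, so '/etc/passwd' fails containment
    candidate = posixpath.normpath(posixpath.join(base, decoded))
    inside = candidate == base or candidate.startswith(base + "/")
    if not inside:
        return None
    if posixpath.splitext(candidate)[1].lower() not in allowed_ext:
        return None
    return candidate


# Constructed sample inputs: one legitimate request and several traversal attempts.
SAMPLES = [
    "reports/2024/q1.pdf",
    "../../etc/passwd",
    "..\\..\\windows\\win.ini",
    "%2e%2e/%2e%2e/etc/passwd",
    "%252e%252e/etc/passwd",
    "%c0%ae%c0%ae/etc/passwd",
    "/etc/passwd",
    "reports/run.exe",
]


def compare(samples=SAMPLES):
    """Return (input, passes_denylist, resolved_path_or_None) for each sample."""
    return [(s, denylist_filter(s), resolve_safe(s)) for s in samples]


if __name__ == "__main__":
    for raw, passes, resolved in compare():
        print(f"{raw!r:32} denylist={'pass' if passes else 'block':5} "
              f"canonical={'BLOCK' if resolved is None else resolved}")
```

Only the plain ../ payload is stopped by the regex; the backslash, percent-encoded, double-encoded and overlong forms all pass it, while every one of them is refused by the containment check because it operates on the decoded, normalized result rather than on the raw string. The check uses posixpath.normpath and does not follow symlinks; in a real deployment, resolve both the base directory and the candidate with os.path.realpath and make sure the base directory contains no symlinks that point outside it.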
Source: ⚠️ https://wx.mail.qq.com/s?k=hk3Fixc6Z1cKMI9rge
User: caichaoxiong (UID 84060)
Submitted: 08.05.2025 12:16 (11 months ago)
Moderated: 04.08.2025 07:57 (3 months later)
Status: Accepted
VulDB Entry: 318642 [Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2 IIS-K3CloudMiniApp FileUploadAction.class filePath Directory Traversal]
Points: 17