| Field | Value |
|---|---|
| Title | yohann( https://github.com/Yohann0617 ) oci-helper <=V3.2.4 Directory/Path Traversal |
| Description | A path traversal vulnerability exists in oci-helper version 3.2.4 and earlier in the OCI configuration upload functionality. The application fails to properly validate user-supplied filenames when processing file uploads through the /api/oci/addCfg endpoint. An authenticated attacker can exploit this vulnerability by uploading a file with a specially crafted filename containing path traversal sequences (e.g., ../../../), allowing an arbitrary file write to any location on the server filesystem where the application has write permissions. Successful exploitation can lead to complete system compromise through SSH key replacement, configuration tampering, or malicious code injection via cron jobs. The vulnerability is present in the OciServiceImpl.addCfg() method at line 146, where MultipartFile.getOriginalFilename() is directly concatenated with the base directory path without sanitization. CVSS v3.1 Base Score: 8.1 (High) - AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N. |
| Source | https://github.com/Xzzz111/exps/blob/main/archives/oci-helper-path-traversal-1/report.md |
| User | sh7err05 (UID 92498) |
| Submission | 10/11/2025 03:03 PM (7 months ago) |
| Moderation | 02/12/2025 10:35 AM (22 days later) |
| Status | Accepted |
| VulDB Entry | 334031 [Yohann0617 oci-helper up to 3.2.4 OCI Configuration Upload OciServiceImpl.java addCfg File Directory Traversal] |
| Points | 20 |
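The description above names the defect class (a client-controlled `getOriginalFilename()` value joined to a base directory without validation) but not the fix. The following is an added example written for this page, not oci-helper's own code or its patch: it places the unsafe join beside a hardened variant that rejects separators and traversal segments, restricts the character set, and verifies containment under the base directory. The class name, the base directory and the sample filenames are constructed for illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

// Added example (not oci-helper project code). Contrasts the unsafe
// filename join described in the advisory with a hardened version.
public class SafeUploadPath {

    // Unsafe pattern: the client-supplied name is appended to the base
    // directory as-is, so "../" segments resolve outside the intended folder.
    static Path unsafeTarget(Path baseDir, String originalFilename) {
        return Paths.get(baseDir.toString(), originalFilename);
    }

    // Hardened: reject anything that is not a plain file name, then confirm
    // the normalized result still lies beneath the base directory.
    static Path safeTarget(Path baseDir, String originalFilename) {
        if (originalFilename == null || originalFilename.isEmpty()) {
            throw new IllegalArgumentException("empty filename");
        }
        // Any directory separator (either style) means the name is not a
        // bare file name; reject rather than silently strip it.
        if (originalFilename.indexOf('/') >= 0 || originalFilename.indexOf('\\') >= 0) {
            throw new IllegalArgumentException("filename must not contain path separators");
        }
        if (originalFilename.equals(".") || originalFilename.equals("..")) {
            throw new IllegalArgumentException("invalid filename");
        }
        // Conservative allow-list for configuration file names.
        if (!originalFilename.matches("[A-Za-z0-9._-]{1,128}")) {
            throw new IllegalArgumentException("filename contains disallowed characters");
        }
        Path base = baseDir.toAbsolutePath().normalize();
        Path target = base.resolve(originalFilename).normalize();
        // Defence in depth: containment check catches anything the filter missed.
        if (!target.startsWith(base) || target.equals(base)) {
            throw new IllegalArgumentException("path escapes upload directory");
        }
        return target;
    }

    public static void main(String[] args) {
        // Hypothetical upload directory; nothing is written to disk here.
        Path base = Paths.get("/tmp/oci-helper-uploads");

        String benign = "tenant.cfg";                 // constructed input
        String traversal = "../../../outside.cfg";    // constructed input

        // Unsafe join: normalizes to /outside.cfg, outside the base directory.
        System.out.println("unsafe : " + unsafeTarget(base, traversal).normalize());

        // Hardened: benign name is accepted, traversal name is rejected.
        System.out.println("safe   : " + safeTarget(base, benign));
        try {
            safeTarget(base, traversal);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The allow-list filter alone would already stop the traversal input; the `startsWith(base)` check after `normalize()` is kept as a second, independent control so that a later loosening of the filter (for example to accept Unicode names) does not reopen the escape.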