| Title | ThingsGateway v12 Unauthorized Download Vulnerability |
|---|
| Description | ThingsGateway is an open-source Industrial Internet of Things (IIoT) edge computing gateway focused on efficient data collection, edge processing, and reliable forwarding for industrial field devices. The project is designed for real-world industrial scenarios, emphasizing stability, high performance, scalability, and engineering maintainability, making it suitable for application environments such as industrial automation, energy, power, manufacturing, and building automation.
The guard in the download handler, `!(fileName.StartsWith(@"../Logs")) && filePath.Contains("..")`, was intended to reject any request that leaves the download directory (the `Contains("..")` test) while still allowing log files under `../Logs` to be read. Because `&&` short-circuits, a `fileName` that begins with `../Logs` makes the negated first operand false, so the whole condition is false and the `Contains("..")` test is never evaluated: the request is not rejected at all. An attacker therefore only needs a name that starts with `../Logs` and then continues with further `..` segments to traverse outside the intended directory. |
|---|
| Source | https://github.com/SourByte05/SourByte-Lab/issues/11 |
|---|
| User | sourbyte (UID 94279) |
|---|
| Submission | 2026-03-04 09:40 (2 months ago) |
|---|
| Moderation | 2026-03-15 19:49 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 351156 [ThingsGateway 12 /api/file/download fileName directory traversal] |
|---|
| Points | 20 |
|---|
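The following C# program is an added example, not ThingsGateway's own code. It reproduces the boolean guard quoted in the description above exactly as written there (including the two names `fileName` and `filePath` for the same value), shows which constructed inputs slip past it, and contrasts it with a canonicalisation-based check that resolves the requested name against the real download and log directories. The class and method names, the directory layout (a `Files` download root with a sibling `Logs` directory under a temporary folder) and all sample paths are this example's own assumptions.

```csharp
// Added example for the ThingsGateway v12 /api/file/download write-up.
// Not project code: the guard below is copied from the advisory text, the
// rest (names, directory layout, sample inputs) is constructed for illustration.
using System;
using System.IO;

public static class DownloadPathCheck
{
    // The guard as described in the advisory. Reject only when the name does
    // NOT start with ../Logs AND contains "..". Because && short-circuits, any
    // name that starts with ../Logs makes the first operand false and the
    // Contains("..") test is never evaluated, so nothing is rejected.
    public static bool IsRejectedByOriginalCheck(string fileName)
    {
        string filePath = fileName; // the advisory uses both names for the same value
        return !(fileName.StartsWith(@"../Logs")) && filePath.Contains("..");
    }

    // Hardened replacement: resolve the name against the download root, then
    // accept only if the canonical result lies inside the download root or
    // inside the log root. No string matching on ".." is needed at all.
    public static bool TryResolveAllowedPath(string downloadRoot, string logsRoot,
                                             string fileName, out string fullPath)
    {
        fullPath = null;
        // Path.Combine would discard the root for an absolute second argument.
        if (string.IsNullOrEmpty(fileName) || Path.IsPathRooted(fileName))
            return false;

        string canonicalDownloads = WithTrailingSeparator(Path.GetFullPath(downloadRoot));
        string canonicalLogs = WithTrailingSeparator(Path.GetFullPath(logsRoot));
        string candidate = Path.GetFullPath(Path.Combine(canonicalDownloads, fileName));

        bool insideDownloads = candidate.StartsWith(canonicalDownloads, StringComparison.Ordinal);
        bool insideLogs = candidate.StartsWith(canonicalLogs, StringComparison.Ordinal);
        if (!insideDownloads && !insideLogs)
            return false;

        fullPath = candidate;
        return true;
    }

    // A trailing separator prevents "/srv/Files" from matching "/srv/FilesBackup".
    private static string WithTrailingSeparator(string dir) =>
        dir.TrimEnd(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar)
        + Path.DirectorySeparatorChar;

    public static void Main()
    {
        // Constructed layout: <tmp>/tg-demo/Files is the download root and
        // <tmp>/tg-demo/Logs the log directory, so "../Logs" from the download
        // root is the legitimate log path the original guard tried to allow.
        string baseDir = Path.Combine(Path.GetTempPath(), "tg-demo");
        string downloadRoot = Path.Combine(baseDir, "Files");
        string logsRoot = Path.Combine(baseDir, "Logs");

        // Constructed inputs. The second one has the shape the advisory warns
        // about: it starts with ../Logs and then climbs back out with more "..".
        string[] samples =
        {
            "report.csv",
            "../Logs/app.log",
            "../Logs/../../outside.txt",
            "../../outside.txt",
        };

        foreach (string name in samples)
        {
            bool rejected = IsRejectedByOriginalCheck(name);
            bool allowed = TryResolveAllowedPath(downloadRoot, logsRoot, name, out string resolved);
            Console.WriteLine(
                $"{name,-28} original-rejects={rejected,-5} hardened-allows={allowed,-5} {resolved ?? "(rejected)"}");
        }
    }
}
```

Running it shows the original guard rejecting only `../../outside.txt` and waving through `../Logs/../../outside.txt`, while the canonical check allows `report.csv` and `../Logs/app.log` and rejects both escapes, because `Path.GetFullPath` collapses the `..` segments before the prefix comparison. Note that this check canonicalises lexically and does not follow symbolic links inside the roots; if the directories can contain links created by untrusted users, resolve the final path with the file system as well before opening it.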