Submission #791112: comfyanonymous ComfyUI <= 0.13.0 (commit 6648ab68) Path Traversal (CWE-22) Information

Title: comfyanonymous ComfyUI <= 0.13.0 (commit 6648ab68) Path Traversal (CWE-22)
Description:

# Technical Details

A Path Traversal vulnerability exists in the `get_annotated_filepath` function in `folder_paths.py` of ComfyUI. The `POST /prompt` API accepts `../` sequences in the LoadImage node's `image` input field. These are passed to `os.path.join(base_dir, name)` without path containment checks in `folder_paths.get_annotated_filepath()`. The combo list validation (which should restrict filenames to the input directory) is bypassed because LoadImage defines `VALIDATE_INPUTS` with `image` as a parameter, causing execution.py to skip the combo check.

# Vulnerable Code

File: folder_paths.py (lines 259-268)
Method: get_annotated_filepath
Why: `os.path.join("/comfyui/input", "../../../etc/shadow_image")` resolves to `/etc/shadow_image`. The protected `get_full_path()` uses `os.path.relpath()` for containment, but `get_annotated_filepath()` has no such check. The `VALIDATE_INPUTS` in nodes.py only checks file existence, not path confinement.

# Reproduction

1. Submit a crafted workflow via POST /prompt with path traversal in the LoadImage image field: `{"image": "../../../tmp/secret.png", "upload": "image"}`
2. File existence oracle: HTTP 200 (file exists) vs HTTP 400 (file not found).
3. Chain with PreviewImage → /view to exfiltrate the image content.

# Impact

- File existence oracle: Probe existence of SSH keys, config files, database paths via HTTP status codes.
- Image file exfiltration: Read any image from anywhere on the server filesystem by chaining LoadImage → PreviewImage → /view.
- Affects multiple nodes: LoadImage, LoadImageMask, LoadImageOutput, LoadLatent, LoadAudio, LoadVideo, Load3D, Load3DAnimation.
- No authentication required.
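The report contrasts the unchecked `os.path.join` with the containment check that `get_full_path()` performs. The following is an added example, not ComfyUI's own code: it places the unchecked join next to a hardened resolver that canonicalizes the joined path and rejects anything that leaves the base directory. `INPUT_DIR` and the sample names are constructed for illustration.

```python
import os

# Constructed base directory for the example; in a real deployment this would be
# the configured input directory (assumption, not taken from ComfyUI).
INPUT_DIR = "/comfyui/input"


def unchecked_filepath(base_dir: str, name: str) -> str:
    """Mirror of the unsafe pattern the report describes: a bare os.path.join
    with no containment check, so '../' components walk out of base_dir."""
    return os.path.normpath(os.path.join(base_dir, name))


def contained_filepath(base_dir: str, name: str) -> str:
    """Hypothetical hardened resolver: join, canonicalize (symlinks resolved),
    then require the result to stay inside base_dir. Raises ValueError
    otherwise, so callers cannot use the lookup as an existence oracle
    for paths outside the directory."""
    if os.path.isabs(name):
        # os.path.join discards base_dir entirely for absolute names.
        raise ValueError(f"absolute path not allowed: {name!r}")
    root = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(root, name))
    # commonpath is prefix-safe: '/comfyui/input2/x' does not share the
    # directory '/comfyui/input' even though it shares the string prefix.
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError(f"path escapes input directory: {name!r}")
    return candidate


def is_contained(base_dir: str, name: str) -> bool:
    """Predicate form of contained_filepath for validation code."""
    try:
        contained_filepath(base_dir, name)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample names: two legitimate, one traversal, one absolute.
    for name in ["cat.png", "sub/cat.png", "../../../tmp/secret.png", "/etc/hostname"]:
        print(f"{name!r:30} unchecked -> {unchecked_filepath(INPUT_DIR, name):28}"
              f" contained -> {is_contained(INPUT_DIR, name)}")
```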
Source: https://gist.github.com/YLChen-007/1e6db39703626dc5c1a2505426754333
User: Eric-c (UID 96848)
Submitted: 2026-03-27 13:31 (24 days ago)
Moderation: 2026-04-19 11:44 (23 days later)
Status: Accepted
VulDB Entry: 358226 [ComfyUI up to 0.13.0 LoadImage Node folder_paths.py folder_paths.get_annotated_filepath name directory traversal]
Points: 20
