| Title | https://github.com/bolo-blog/bolo-solo bolo-solo V2.6.4 Arbitrary file write |
|---|---|
| Description | A critical arbitrary file write vulnerability exists in Bolo-Solo version 2.6.4. The /import/cnblogs endpoint fails to properly validate or sanitize user-supplied filenames during blog import operations. As a result, an unauthenticated remote attacker can craft a malicious HTTP request that writes arbitrary content to any writable location on the server filesystem. The application directly uses attacker-controlled input as part of the file path without canonicalization, validation, or restriction to a safe directory. This allows directory traversal (e.g., using sequences like ../) and ultimately enables overwriting or creating files such as web-accessible scripts (e.g., .jsp, .html, or configuration files), leading to remote code execution, data tampering, or full system compromise. |
| Source | https://github.com/bolo-blog/bolo-solo/issues/328 |
| User | MaoQiu (UID 94327) |
| Submitted | 2026-01-20 07:44 AM (5 months ago) |
| Moderation | 2026-02-03 03:04 PM (14 days later) |
| Status | Accepted |
| VulDB Entry | 343980 [bolo-blog bolo-solo up to 2.6.4 Filename BackupService.java importFromCnblogs file directory traversal] |
| Points | 20 |
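The description identifies the missing controls as canonicalization, validation, and restriction to a safe directory. The Java class below is an added example, not code from bolo-solo or from the VulDB entry, showing how an import routine can apply all three before touching the filesystem: the base directory is canonicalized once, the user-supplied name is validated against an allow-list and rejected (rather than silently stripped) if it carries any path separator or `..`, and the resolved target is checked to still lie inside the base directory. The class name, the temporary directory, and the sample inputs are constructed for the illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.util.regex.Pattern;

/** Writes imported blog files only into a fixed directory, rejecting names that try to leave it. */
public final class SafeImportWriter {

    // Only plain file names: letters, digits, dot, underscore, hyphen; no separators at all.
    private static final Pattern SAFE_NAME = Pattern.compile("[A-Za-z0-9._-]{1,128}");

    private final Path baseDir;

    public SafeImportWriter(Path baseDir) throws IOException {
        // Canonicalize once; toRealPath() resolves symlinks and requires the directory to exist.
        this.baseDir = baseDir.toRealPath();
    }

    /**
     * Validates a user-supplied file name and resolves it under baseDir.
     * Throws IllegalArgumentException for anything that is not a plain, allow-listed name
     * or that would resolve outside baseDir; callers should log the rejection.
     */
    public Path resolveSafely(String userFileName) {
        if (userFileName == null || userFileName.isEmpty()) {
            throw new IllegalArgumentException("empty file name");
        }
        // Reject rather than sanitize: "../x", "dir/x", "C:\\x" and ".." all fail here.
        if (!SAFE_NAME.matcher(userFileName).matches()
                || userFileName.equals(".") || userFileName.equals("..")) {
            throw new IllegalArgumentException("file name not allowed: " + userFileName);
        }
        // Containment check as a second, independent guard after resolving.
        Path target = baseDir.resolve(userFileName).normalize();
        if (!target.startsWith(baseDir)) {
            throw new IllegalArgumentException("resolved path escapes base directory");
        }
        return target;
    }

    /** Writes content to a new file; CREATE_NEW refuses to overwrite anything that already exists. */
    public Path write(String userFileName, byte[] content) throws IOException {
        Path target = resolveSafely(userFileName);
        Files.write(target, content, StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE);
        return target;
    }

    public static void main(String[] args) throws IOException {
        // Constructed demo: a throwaway base directory and a mix of acceptable and rejected names.
        Path demoDir = Files.createTempDirectory("import-demo");
        SafeImportWriter writer = new SafeImportWriter(demoDir);
        String[] samples = {"post-1.xml", "../../x.jsp", "/etc/hosts", "..", "a b.txt", "notes.md"};
        for (String name : samples) {
            try {
                System.out.println(name + " -> " + writer.resolveSafely(name));
            } catch (IllegalArgumentException e) {
                System.out.println(name + " -> rejected: " + e.getMessage());
            }
        }
        System.out.println("wrote " + writer.write("post-1.xml", "<post/>".getBytes()));
    }
}
```

Two design points worth noting: rejecting a name instead of stripping traversal sequences keeps the bad input visible for logging and detection, and `CREATE_NEW` turns an attempted overwrite of an existing file (a web-accessible script or a configuration file, as the description warns) into a `FileAlreadyExistsException` rather than a silent replacement.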