| 제목 | huangjunsen0406 xiaozhi-mcphub 1.0.3 Path Traversal |
|---|
| 설명 | A path traversal vulnerability (CWE-22) exists in huangjunsen0406/xiaozhi-mcphub 1.0.3. The DXT upload handler in src/controllers/dxtController.ts extracts .dxt archives and uses the name field from the untrusted manifest.json file to construct the extraction path using path.join. Because this value is not sanitized, an authenticated attacker can use traversal sequences (e.g., ../../) to extract files to arbitrary locations outside the intended directory. |
|---|
| 원천 | ⚠️ https://github.com/huangjunsen0406/xiaozhi-mcphub/issues/29 |
|---|
| 사용자 | ccccccctfi (UID 97498) |
|---|
| 제출 | 2026. 04. 20. PM 05:38 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 05. 07. PM 06:40 (17 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 361904 [huangjunsen0406 xiaozhi-mcphub 까지 1.0.3 dxtController.ts manifest.name 디렉토리 순회] |
|---|
| 포인트들 | 20 |
|---|