| Название | MoneyPrinterTurbo GitHub Repository MoneyPrinterTurbo 1.2.6 Arbitrary File Write |
|---|
| Описание | A critical severity path traversal vulnerability exists in the music upload API endpoint (POST /api/v1/musics) of the application.
The root cause of this vulnerability is the backend service's failure to adequately validate and sanitize the user-submitted filename parameter within multipart/form-data requests. An attacker can craft a filename containing path traversal sequences (../) and an absolute path to bypass the application's intended file storage directory restrictions.
This allows a remote, authenticated attacker to write a file with arbitrary content to an arbitrary location on the server's filesystem. In the provided proof-of-concept, the attacker writes a malicious cron job to the highly sensitive /etc/cron.d/ directory. For this specific exploit vector to succeed, the cron service must be installed and running on the target server. An active cron service will execute tasks in this directory with root privileges, allowing the attacker to achieve full Remote Code Execution (RCE) within one minute and leading to a complete compromise of the victim server. |
|---|
| Источник | ⚠️ https://www.notion.so/Arbitrary-File-Write-Vulnerability-in-MoneyPrinterTurbo-1-2-6-288014c4d9ca809bb411e4fe875d1e22 |
|---|
| Пользователь | xuanSAMA (UID 73290) |
|---|
| Представление | 10.10.2025 07:41 (8 месяцы назад) |
|---|
| Модерация | 10.10.2025 15:35 (8 hours later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 327929 [harry0703 MoneyPrinterTurbo до 1.2.6 API Endpoint music.py upload_music Файл обход каталога] |
|---|
| Баллы | 17 |
|---|