| Title | https://github.com/bolo-blog/bolo-solo bolo-solo V2.6.4 Arbitrary file write |
|---|
| Description | A critical arbitrary file write vulnerability exists in Bolo-Solo version 2.6.4. The /import/cnblogs endpoint fails to properly validate or sanitize user-supplied filenames during blog import operations. As a result, an unauthenticated remote attacker can craft a malicious HTTP request that writes arbitrary content to any writable location on the server filesystem.
The application directly uses attacker-controlled input as part of the file path without canonicalization, validation, or restriction to a safe directory. This allows directory traversal (e.g., using sequences like ../) and ultimately enables overwriting or creating files such as web-accessible scripts (e.g., .jsp, .html, or configuration files), leading to remote code execution, data tampering, or full system compromise. |
|---|
| Source | ⚠️ https://github.com/bolo-blog/bolo-solo/issues/328 |
|---|
| User | MaoQiu (UID 94327) |
|---|
| Submission | 01/20/2026 07:44 (5 months ago) |
|---|
| Moderation | 02/03/2026 15:04 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 343980 [bolo-blog bolo-solo up to 2.6.4 Filename BackupService.java importFromCnblogs File path traversal] |
|---|
| Points | 20 |
|---|