Path Traversal when upload file in metersphere/metersphere

Valid

Reported on

Dec 25th 2022


metersphere allow users to upload file, but not check the file name.

Poc can be found in the link

Impact

file overwriiten , remoe code injection and so on.

References

We are processing your report and will contact the metersphere team within 24 hours. a year ago
We have contacted a member of the metersphere team and are waiting to hear back a year ago
metersphere/metersphere maintainer gave praise a year ago
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1
lujiefsi
a year ago

Researcher


Hi, could you please vaild this report and assigne a cve once we fix it?

lujiefsi
a year ago

Researcher


@admin will my comment be sent to maintainer by email?

metersphere/metersphere maintainer
a year ago

Maintainer


The vulnerability has been fixed and CVE-2022-46178 has been issued. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46178 https://github.com/metersphere/metersphere/security/advisories/GHSA-9p62-x3c5-hr5p

lujiefsi
a year ago

Researcher


that's good, and could you please valiad this report without assign cve

metersphere/metersphere maintainer validated this vulnerability a year ago
lujiefsi has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
metersphere/metersphere maintainer marked this as fixed in v2.5.1 with commit 3a890e a year ago
The fix bounty has been dropped
This vulnerability has now been published a year ago
lujiefsi
a year ago

Researcher


@admin could you please assign CVE-2022-46178 to this report

metersphere/metersphere maintainer
a year ago

Maintainer


How to do this?

Pavlos
a year ago

Admin


On it :)

to join this conversation