Improper access control to download file

High
fit2-zhao published GHSA-mcwr-j9vm-5g8h Mar 9, 2023

Package

No package listed

Affected versions

<=1.20.19 lts
<=2.6.2

Patched versions

1.20.20 lts
2.7.1

Description

author

superx@snowtech.com.cn

Summary

An improper access control vulnerability exists in /api/jmeter/download/files. It allows any file to be downloaded without authentication, which may lead to various issues.

Details

In the ShiroUtil config, an anonymous user can access /api/jmeter/download/files.

downloadJmeterFiles does not validate the filename it receives.

The file is zipped.
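Added example, not code from the advisory or the affected project: a Python stand-in that reproduces the two defects described above (the route is reachable anonymously and the caller-supplied filename is used unvalidated) next to a hardened handler that requires a session and confines the resolved path to the serving directory. The handler names, the `session` dict and the temporary directory layout are constructed for the demonstration.

```python
import io
import os
import tempfile
import zipfile
from pathlib import Path
class Unauthorized(Exception): pass
class BadRequest(Exception): pass

def zip_bytes(name, data):
    # The endpoint returns the file zipped, so both handlers wrap the content in a one-entry archive.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, data)
    return buf.getvalue()

def vulnerable_download(base_dir, filename, session):
    # Mirrors the advisory: no authentication check, and the caller-supplied name is
    # joined to base_dir unvalidated, so "../" segments escape the intended directory.
    with open(os.path.join(base_dir, filename), "rb") as f:
        return zip_bytes(os.path.basename(filename), f.read())

def hardened_download(base_dir, filename, session):
    if not session.get("user"):                       # route must require an authenticated user
        raise Unauthorized("login required")
    if not filename or filename in (".", "..") or filename != os.path.basename(filename):
        raise BadRequest("a bare file name is required")   # no separators, no '..' segments
    base = Path(base_dir).resolve()
    target = (base / filename).resolve()              # resolve() follows symlinks before the check
    if base not in target.parents or not target.is_file():
        raise BadRequest("file not found")            # same error inside/outside: no path oracle
    return zip_bytes(filename, target.read_bytes())

def demo():
    # Constructed layout: <root>/jmeter/report.jtl is legitimate, <root>/secret.txt must stay private.
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "jmeter")
        os.mkdir(base)
        Path(base, "report.jtl").write_text("ok")
        Path(root, "secret.txt").write_text("TOP SECRET")
        anon, user = {}, {"user": "alice"}
        unzip = lambda blob, name: zipfile.ZipFile(io.BytesIO(blob)).read(name)
        leaked = vulnerable_download(base, "../secret.txt", anon)
        out = {"vulnerable_leaks": unzip(leaked, "secret.txt") == b"TOP SECRET"}
        for key, name, sess, exc in [("blocks_anonymous", "report.jtl", anon, Unauthorized),
                                     ("blocks_traversal", "../secret.txt", user, BadRequest)]:
            try:
                hardened_download(base, name, sess)
                out[key] = False
            except exc:
                out[key] = True
        out["serves_legitimate"] = unzip(hardened_download(base, "report.jtl", user), "report.jtl") == b"ok"
        return out
```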

Severity

High
8.6 / 10

CVSS base metrics

Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVE ID

CVE-2023-25573