CVE-2020-16136

Published: Jul 31, 2020Modified: Nov 21, 2024

7.7

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Exploitability: 3.1 / Impact: 4.0

Source: NVD

Description

In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server process) via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files, however.

Affected (2)

Products: Tgstation13: Tgstation Server

1 product

Tgstation Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Tgstation13 Tgstation Server	Version 4.4.0
Tgstation13 Tgstation Server	Version 4.4.1

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (4)

https://github.com/tgstation/tgstation-server

Source: cve@mitre.org

Third Party Advisory

https://github.com/tgstation/tgstation-server/security/advisories/GHSA-r8pp-42wr-2gc4

Source: cve@mitre.org

Third Party Advisory

https://github.com/tgstation/tgstation-server

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/tgstation/tgstation-server/security/advisories/GHSA-r8pp-42wr-2gc4

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.