Arbitrary file upload in GeoServer - CVE-2023-51444
Published: March 19, 2024 / Updated: May 5, 2026
geoserver
Detailed vulnerability description
The vulnerability allows a remote user to execute arbitrary code.
The vulnerability exists due to improper input validation in the REST Coverage Store API when it handles file upload requests for coverage stores configured with absolute paths. A remote privileged user can write arbitrary file contents to arbitrary locations on the server's filesystem and thereby execute arbitrary code.
An attacker with permissions to modify coverage stores may also overwrite GeoServer security files to obtain full administrator privileges.
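The description above comes down to a missing containment check: the destination of an uploaded coverage file is taken from the request without confirming that it stays inside the server's data directory. The following is an added illustration of that check, written for this page; it is not GeoServer's code and not the project's fix. The data directory path, the store layout and the sample destinations are constructed for the example.

```python
import os
from pathlib import Path


class UnsafeUploadPath(ValueError):
    """Raised when a requested upload destination would escape the data directory."""


def resolve_upload_target(data_dir: str, requested: str) -> Path:
    """Return the absolute destination for an upload, or raise UnsafeUploadPath.

    Policy (illustrative, not GeoServer's): a client-supplied destination must be
    a relative path, and after normalisation (".." segments, symlinks) it must
    still lie inside data_dir. Absolute paths are rejected outright because a
    store that may point anywhere on disk is exactly the weak configuration the
    advisory describes.
    """
    if requested is None or requested.strip() == "":
        raise UnsafeUploadPath("empty destination")
    # Reject absolute and UNC-style destinations before any normalisation.
    if os.path.isabs(requested) or requested.startswith(("//", "\\\\")):
        raise UnsafeUploadPath(f"absolute destination rejected: {requested!r}")
    # Backslashes and drive separators never belong in a relative store path.
    if "\\" in requested or ":" in requested:
        raise UnsafeUploadPath(f"unexpected separator in destination: {requested!r}")

    base = Path(data_dir).resolve()
    # resolve() collapses "." and ".." and follows existing symlinks, so the
    # containment test below is made on the real filesystem location.
    target = (base / requested).resolve()
    try:
        target.relative_to(base)
    except ValueError:
        raise UnsafeUploadPath(
            f"destination escapes data directory: {requested!r}"
        ) from None
    return target


def is_safe_upload_target(data_dir: str, requested: str) -> bool:
    """Boolean wrapper around resolve_upload_target for policy checks and tests."""
    try:
        resolve_upload_target(data_dir, requested)
        return True
    except UnsafeUploadPath:
        return False


def audit_destinations(data_dir: str, requested_paths):
    """Classify a batch of requested destinations; returns {path: 'allow'|'deny'}."""
    return {
        p: ("allow" if is_safe_upload_target(data_dir, p) else "deny")
        for p in requested_paths
    }


if __name__ == "__main__":
    # Constructed sample: a hypothetical data directory and a few destinations
    # a REST client might submit when uploading into a coverage store.
    DATA_DIR = "/srv/geoserver/data"
    samples = [
        "coverages/mosaic/tile1.tif",          # ordinary relative path: allow
        "coverages/./mosaic/../tile2.tif",     # normalises inside data dir: allow
        "../../outside.txt",                   # climbs out of data dir: deny
        "/abs/outside.txt",                    # absolute destination: deny
        "",                                    # empty: deny
    ]
    for path, verdict in audit_destinations(DATA_DIR, samples).items():
        print(f"{verdict:5s} {path!r}")
```

The important design choice is to decide containment on the resolved path rather than on the raw string: string prefix tests miss `..` segments and symlinked directories, while `Path.resolve()` followed by `relative_to()` compares real locations. Rejecting absolute destinations before normalisation is the direct counterpart of the advisory's "configured with absolute paths" condition.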