Path traversal in Mastodon

#VU78046 Path traversal in Mastodon

Published: 2023-07-10

Vulnerability identifier: #VU78046

Vulnerability risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-36460

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Mastodon
Server applications / Other server solutions

Vendor: Mastodon

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote user can send a specially crafted HTTP request and create and overwrite arbitrary files on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Mastodon: 3.5.0 - 3.5.8, 4.1.0 - 4.1.2, 4.0.0 - 4.0.4

External links
http://github.com/mastodon/mastodon/releases/tag/v3.5.9
http://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm
http://github.com/mastodon/mastodon/commit/dc8f1fbd976ae544720a4e07120d9a91b2722440
http://github.com/mastodon/mastodon/releases/tag/v4.0.5
http://github.com/mastodon/mastodon/releases/tag/v4.1.3
http://www.openwall.com/lists/oss-security/2023/07/06/4

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Mastodon