Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS14Zzh2LW0ybWgtNDVtNs4AA6qV

PsiTransfer: Violation of the integrity of file distribution

Summary
The absence of restrictions on the endpoint, which allows you to create a path for uploading a file in a file distribution, allows an attacker to add arbitrary files to the distribution.

Details
Vulnerable endpoint: POST /files

PoC

1. Create a file distribution.

2. Go to the link address (id of the file distribution is needed by an attacker to upload files there).

3. Send a POST /files. As the value of the Upload-Metadata header we specify the sid parameter with the id of the file distribution obtained in the second step. In the response from the server in the Location header we get the path for uploading a new file to the file distribution.

5. Send a PATCH /files/{{id}} request with arbitrary content in the request body. Id is taken from the previous step.

Result:

Impact
The vulnerability allows an attacker to influence those users who come to the file distribution after him and slip the victim files with a malicious or phishing signature.

Permalink: https://github.com/advisories/GHSA-xg8v-m2mh-45m6
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS14Zzh2LW0ybWgtNDVtNs4AA6qV
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 26 days ago
Updated: 22 days ago

CVSS Score: 6.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Identifiers: GHSA-xg8v-m2mh-45m6, CVE-2024-31453
References:

• https://github.com/psi-4ward/psitransfer/security/advisories/GHSA-xg8v-m2mh-45m6
• https://github.com/psi-4ward/psitransfer/commit/b9853c97e6911e1c1c5341245ca1eb363fda5269
• https://nvd.nist.gov/vuln/detail/CVE-2024-31453
• https://github.com/advisories/GHSA-xg8v-m2mh-45m6

Repository: https://github.com/psi-4ward/psitransfer
Blast Radius: 1.0

Affected Packages