CVE-2022-26315: Directory Traversal Vulnerability · Issue #223 · claudiodangelis/qrcp
qrcp through 0.8.4, in receive mode, allows …/ Directory Traversal via the file name specified by the uploader.
While qrcp works in receive mode, the uploader can edit the file name in the HTTP request and add "…/". Meanwhile, qrcp doesn’t check the legality of the file name, which leads to directory traversal.
Env: qrcp-0.8.4, Windows 10 x86_64, Ubuntu 20.04 x86_64
Poc:
credit: starryloki,lu0sf
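An added example, not qrcp's code or its fix: a minimal Go sketch of the missing check, showing an unchecked join of the uploader's file name beside a version that keeps only the base name and verifies the result stays in the receive directory. The function names and the `/srv/recv` directory are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"path"
	"path/filepath"
	"strings"
)

// naiveUploadPath (hypothetical) joins the uploader's name onto destDir unchecked.
func naiveUploadPath(destDir, clientName string) string {
	return filepath.Join(destDir, clientName)
}

// inside reports whether p is destDir itself or lies beneath it.
func inside(destDir, p string) bool {
	rel, err := filepath.Rel(destDir, p)
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// safeUploadPath (hypothetical) maps an uploader-supplied name to a path in destDir.
func safeUploadPath(destDir, clientName string) (string, error) {
	if strings.ContainsRune(clientName, 0) {
		return "", errors.New("file name contains NUL")
	}
	// Treat '\' as a separator on every host, since Windows does, then keep
	// only the final path element so directory components are discarded.
	name := path.Base(strings.ReplaceAll(clientName, `\`, "/"))
	if name == "." || name == ".." || name == "/" {
		return "", errors.New("file name has no usable base element")
	}
	full := filepath.Join(destDir, name)
	if !inside(destDir, full) { // defence in depth after the join
		return "", errors.New("resolved path escapes the receive directory")
	}
	return full, nil
}

func main() {
	const dest = "/srv/recv" // constructed receive directory
	for _, n := range []string{"report.pdf", "../../etc/passwd", `..\..\boot.ini`, ".."} {
		naive := naiveUploadPath(dest, n)
		p, err := safeUploadPath(dest, n)
		fmt.Printf("%q naive=%q contained=%v safe=%q err=%v\n", n, naive, inside(dest, naive), p, err)
	}
}
```

The expected paths assume a Unix host, where `filepath` uses `/` as the separator.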