CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader.

While qrcp works on receive mode, uploader can edit the file name in HTTP request and add "../". Meanwhile, qrcp doesn't check legality of file name which lead to directory traversal.  
Env: qrcp-0.8.4, Windows 10 x86\_64, Ubuntu 20.04 x86\_64  
Poc:  
![image](https://user-images.githubusercontent.com/69268043/156000336-2b3019b6-4cdb-40ed-a305-4e48bf3628e9.png)  
![image](https://user-images.githubusercontent.com/69268043/156000944-8e1ab6e9-cbdd-42b2-8af2-839a5aff3036.png)  
![image](https://user-images.githubusercontent.com/69268043/156001182-98f2a234-a91e-4e34-b8aa-57d9082051c2.png)

credit: starryloki,lu0sf

Headline

CVE-2022-26315: Directory Traversal Vulnerability · Issue #223 · claudiodangelis/qrcp

CVE: Latest News