Vulnerability Summary
HackerOne disclosed report --> https://hackerone.com/reports/3518571 by alexb_616
Product: Weblate. Verified on self-hosted instances. Affected Versions: Confirmed in version 5.0.2 and the current stable release 5.15.2. Probably all versions are vulnerable.
A critical argument injection vulnerability was discovered in the SSH management interface. The host parameter does not properly sanitize user input before passing it to internal system commands. An attacker with administrative privileges can inject command-line arguments (such as -f) to force the server to read and display the contents of sensitive local files, including /etc/passwd, Django settings.py (containing the SECRET_KEY), and private SSH keys (id_rsa).
Endpoint: /manage/ssh/
hackerone-reportsHackerOne disclosed report --> https://hackerone.com/reports/3601655 by smlee
hackerone-reportsHackerOne disclosed report --> https://hackerone.com/reports/3168691 by joejoe5
hackerone-reportsHackerOne disclosed report --> https://hackerone.com/reports/3287208 by hellokbit
No comments yet.
Be the first to share your thoughts
Log in to join the discussion.
Sign In