Impact
The archive import API responsible for uploading policy files in the Rudder application is affected by a path traversal vulnerability, commonly referred to as ZipSlip. The issue arises because file paths within ZIP archives submitted to the API are not sufficiently validated. As a result, an attacker can craft a malicious archive whose entry names contain directory traversal sequences (../), causing files to be extracted outside the intended target directory.
This vulnerability can be exploited to overwrite arbitrary files on the file system, including executable files, which may ultimately lead to remote code execution (RCE). Notably, successful exploitation requires access to the API with the low-privileged user role.
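The check an archive import needs, as an added example that is not Rudder's code: every entry's resolved path must stay under the destination directory, and any entry that escapes is rejected before anything is written. The archive below is constructed inline, with one benign policy file and one entry carrying the ../ pattern described above.

```python
import io
import os
import tempfile
import zipfile
from pathlib import Path


def build_sample_archive() -> bytes:
    """Constructed sample: a benign policy file plus a ZipSlip-style entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("policies/rule.conf", "rule = allow\n")
        zf.writestr("../../outside.sh", "#!/bin/sh\necho escaped\n")
    return buf.getvalue()


def safe_extract(archive_bytes: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Extract only entries whose resolved path lies inside dest.

    Returns (extracted names, rejected names). The path is resolved before
    any write, so '..' components, absolute names and symlinked parents are
    all caught by the same containment check.
    """
    root = Path(dest).resolve()
    extracted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            target = (root / name).resolve()
            # Containment check: root must be a strict ancestor of the target.
            if os.path.isabs(name) or root not in target.parents:
                rejected.append(name)
                continue
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            extracted.append(name)
    return extracted, rejected


def run_demo() -> dict:
    """Run safe_extract in a throwaway directory and report what happened."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = Path(tmp) / "import" / "target"  # nested so '../../' stays in tmp
        dest.mkdir(parents=True)
        extracted, rejected = safe_extract(build_sample_archive(), str(dest))
        return {
            "extracted": extracted,
            "rejected": rejected,
            "rule_written": (dest / "policies" / "rule.conf").is_file(),
            "escaped": (Path(tmp) / "outside.sh").exists(),
        }
```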
Patches
Workarounds
References