返回列表 发布新帖

[官方消息] 【PTP】qB4.5.1安全问题

697 1
发表于 2023-2-27 17:30:37 | 查看全部 阅读模式

来吧兄弟,一起玩一起讨论!

您需要 登录 才可以下载或查看,没有账号?注册

×
PassthePopcorn:qBittorrent 4.5.1 WebUI Vulnerability



A vulnerability has been reported in qBittorrent 4.5.1 running on Windows with the webui enabled.

A bug allows a remote attack to read files and traverse your filesystem using the webui uri.

Please disable the webui to secure your machine and follow the bug report awaiting a fix!


The bug report can be found here:
游客,如果您要查看本帖隐藏内容请回复


Cheers,

-alamak
                                                                                                                             
Confirmed by members to be vulnerable on:
qBit 4.5.1 - infinitycircuit
qBit 4.5.0 - flashgit
引用

qBittorrent & operating system versions

qBitTorrent version: 4.5.1 (latest stable as of today).
Operating System: Windows 10, version 22H2. x64 architecture.

What is the problem?

I ran a Nessus vulnerability scan on a machine running qBitTorrent and found that the Web UI can be used to access arbitrary files on the host's filesystem - unauthenticated - via what appears to be a path traversal vulnerability.

Have done some searches on your bug tracker for an existing bug report - and can't find one, some am raising this. Note that this is my first open source bug report - so apologies if I've missed anything. Please let me know if there's anything you need from me.
Steps to reproduce

If you were on my network, you'd do the following:

Enable the qBitTorrent web UI (in my case it runs on port 8080)
From a command prompt, run curl -i "http://192.168.2.8:8080/..\..\..\..\..\windows\win.ini"

Expected result: a 403 or 404 response
Actual result: the win.ini file from the remote machine is displayed

Have attached a screenshot where I create a file on the remote machine then retrieve that file unauthenticated from my laptop.
Additional context

评论1

江南雨巷Lv.5 发表于 2023-2-28 09:20:41 | 查看全部
楼主发贴辛苦了,谢谢楼主分享!
回复 点赞

使用道具 举报

回复

您需要登录后才可以回帖 登录 | 注册

本版积分规则

淘宝小店

邀请码

VIP会员

微信客服

公众号

微信群

投诉/建议联系

support@gebi1.cn

未经授权禁止转载,复制和建立镜像,
如有违反,追究法律责任
  • 关注公众号
  • 添加微信客服
Copyright © 2001-2024 隔壁网 版权所有 All Rights Reserved. 粤ICP备14056481号-1
关灯 在本版发帖
扫一扫添加微信客服
返回顶部
快速回复 返回顶部 返回列表