Geyang ML-Logger Path Traversal Vulnerability in Log Handler

Vulnerability

A path traversal vulnerability has been identified in Geyang ML-Logger versions prior to commit acf255bade5be6ad88d90735c8367b28cbe3a743. The issue arises in the 'log_handler' function within 'ml_logger/server.py', where improper handling of file upload requests allows for traversal of directories. This vulnerability can be exploited remotely by unauthenticated users, potentially leading to overwriting critical files on the server, such as those used for SSH authentication or scheduled tasks.

Impact

Exploitation of this vulnerability allows for unrestricted file uploads, which can overwrite any file on the server. This includes sensitive files like SSH 'authorized_keys' or crontab entries, facilitating unauthorized access or execution of malicious scripts.

Reproduction

The vulnerability can be reproduced by sending a POST request to the server with a file upload whose file name contains directory traversal sequences. The 'log_handler' function processes the upload without stripping or rejecting those sequences, so the file is saved to a location outside the intended log directory.
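As an added illustration (not ML-Logger's own code; the log root and key names are hypothetical), the containment check a log upload handler needs before writing a client-supplied file name, combining a lexical reject of traversal components with a resolved-path check:

```python
from pathlib import Path, PurePosixPath

# Added illustration, not ML-Logger's own code. The log root and key
# names used here are hypothetical; the point is the containment check
# an upload handler must run before writing a client-supplied file name.

class UnsafePathError(ValueError):
    """Raised when a client-supplied key would escape the log root."""

def resolve_upload_path(log_root: str, client_key: str) -> Path:
    """Return the absolute path under log_root that client_key may write to.

    Two layers on purpose: a lexical reject of input a log key never needs
    (NUL bytes, absolute paths, '..' components), then a resolved-path
    containment check that also catches symlink and normalisation tricks
    the lexical layer cannot see.
    """
    # Layer 1: lexical checks on the raw key. Backslashes are folded to
    # '/' first so a Windows-style separator cannot hide a component.
    if not client_key or "\x00" in client_key:
        raise UnsafePathError("empty key or NUL byte")
    parts = PurePosixPath(client_key.replace("\\", "/")).parts
    if not parts:
        raise UnsafePathError("key names no file")
    if parts[0] == "/":
        raise UnsafePathError("absolute path not allowed")
    if ".." in parts:
        raise UnsafePathError("parent-directory component not allowed")

    # Layer 2: resolve both sides and require the candidate to stay inside
    # the root. Path.resolve() follows symlinks in the existing prefix, so
    # a lexically clean key that leaves the root through a symlinked
    # directory is still refused here.
    root = Path(log_root).resolve()
    candidate = (root / Path(*parts)).resolve()
    try:
        candidate.relative_to(root)
    except ValueError as exc:
        raise UnsafePathError("resolved path escapes log root") from exc
    return candidate

def is_safe_upload_key(log_root: str, client_key: str) -> bool:
    """Boolean view of resolve_upload_path, for request filtering."""
    try:
        resolve_upload_path(log_root, client_key)
        return True
    except UnsafePathError:
        return False
```

Rejecting any '..' component outright is deliberate: a log key has no legitimate need for one, so refusing it is cheaper and safer than trying to decide which uses would have resolved inside the root.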

Added: Sep 25, 2025, 3:29 PM
Updated: Sep 25, 2025, 3:29 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 8.7
remediation: 0.0
relevance: 0.6
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.