GMOD Apollo Path Traversal Vulnerability Allowing Arbitrary File Upload

Vulnerability

A relative path traversal vulnerability has been identified in GMOD Apollo versions prior to 2.8.0. When uploading organism or sequence data through the web interface, the application unzips and inspects the files without properly checking for path traversal in supported archive types. This oversight could be exploited to upload malicious files.

Impact

Exploitation of this vulnerability could allow an attacker to bypass file upload restrictions and upload harmful files to the server.

Remediation

Users are advised to update GMOD Apollo to version 2.8.0 or later.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

GMOD Apollo Path Traversal Vulnerability Allowing Arbitrary File Upload

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating