Primary

Context

Misskey Directory Traversal Vulnerability in AiScript via Mk:api

Vulnerability

A directory traversal vulnerability has been identified in Misskey versions 12.31.0 prior to 2025.4.1. The issue arises from missing validation in the Mk:api function, which allows malicious AiScript code to access unauthorized endpoints. By prefixing a URL with '../', the AiScript can escape the '/api' directory and make requests to other endpoints such as '/files', '/url', and '/proxy'.

Impact

Exploitation of this vulnerability could allow a malicious actor to access additional API endpoints that are not normally available, potentially leading to unauthorized actions or data access. While the exact impact is unclear, it is significant enough to warrant concern.

Reproduction

To reproduce this vulnerability, send a request using the Mk:api function with a crafted endpoint that includes directory traversal sequences. The request will bypass normal API endpoint restrictions and access unauthorized resources.

Remediation

Users can upgrade to Misskey version 2025.4.1 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

1.3

exploitability

6.5

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

1.3

exploitability

6.5

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Misskey Directory Traversal Vulnerability in AiScript via Mk:api

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Misskey

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating