erdogant pypickle File Overwrite Vulnerability in Save Function
Vulnerability
A critical vulnerability exists in the erdogant pypickle library, specifically in versions up to 1.1.5. The issue arises in the save function within the pypickle.py file, where improper authorization allows for unintended file overwrites. This vulnerability can lead to data loss or corruption, as it enables the overwriting of files in unauthorized locations on the filesystem. The vulnerability requires local exploitation, and a proof-of-concept exploit has been publicly disclosed.
Impact
Exploitation of this vulnerability allows for arbitrary file overwrites, potentially leading to data loss, corruption, or the overwriting of critical system files, which could disrupt system stability or security.
Reproduction
To reproduce this vulnerability, save a pickle file using the pypickle library's save function. Set the overwrite parameter to true and specify a file path that traverses directories to reach a sensitive location, such as the temporary directory. This will demonstrate how the vulnerability can be exploited to overwrite files arbitrarily.
Remediation
Users are advised to upgrade to pypickle version 2.0.0 or later, where this vulnerability has been addressed. The latest version can be installed via pip.
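A caller-side guard for the path handling described above, as an added example that is not pypickle's own code or its 2.0.0 fix. It uses the standard pickle module, and the names safe_save, resolve_inside and UnsafePathError are hypothetical.

```python
import pickle
import tempfile
from pathlib import Path


class UnsafePathError(ValueError):
    """The requested path resolves outside the allowed directory."""


def resolve_inside(base_dir, user_path):
    """Resolve user_path under base_dir; raise if it escapes base_dir."""
    base = Path(base_dir).resolve()
    # An absolute user_path replaces base in the join, and ".." or a symlink
    # can climb out of it, so compare the fully resolved paths.
    target = (base / user_path).resolve()
    if base not in target.parents:
        raise UnsafePathError(f"{user_path!r} resolves outside {base}")
    return target


def safe_save(base_dir, user_path, obj, overwrite=False):
    """Pickle obj to a file confined to base_dir (hypothetical helper)."""
    target = resolve_inside(base_dir, user_path)
    target.parent.mkdir(parents=True, exist_ok=True)
    # "xb" fails with FileExistsError instead of silently replacing a file.
    with open(target, "wb" if overwrite else "xb") as fh:
        pickle.dump(obj, fh)
    return target


def demo():
    """Constructed scenario: one file inside the store, one victim outside."""
    with tempfile.TemporaryDirectory() as root:
        store = Path(root) / "store"
        store.mkdir()
        victim = Path(root) / "victim.pkl"
        victim.write_bytes(b"original")
        outcomes = []
        for name in ("model.pkl", "../victim.pkl", str(victim)):
            try:
                safe_save(store, name, {"k": 1}, overwrite=True)
                outcomes.append("saved")
            except UnsafePathError:
                outcomes.append("rejected")
        return outcomes, victim.read_bytes()


if __name__ == "__main__":
    print(demo())
```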
