Dosage Comic Strip Downloader Directory Traversal Vulnerability Allowing Arbitrary File Write
Vulnerability
A directory traversal vulnerability exists in Dosage, a comic strip downloader and archiver, in versions prior to 3.2. When downloading comic images, the application builds the local file name from several properties of the remote comic. The basename is correctly sanitized to remove directory-traversal characters, but the file extension is derived from the HTTP Content-Type response header, a value the remote server controls. A malicious comic site, or a man-in-the-middle attacker if the comic is fetched over plain HTTP, can therefore return a Content-Type containing path separators and traversal sequences and cause files to be written outside the configured download directory, provided certain conditions are met.
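The following is an added example, not Dosage's own code, that models the pattern the advisory describes. It assumes (the page does not show the exact code) that the vulnerable logic took the MIME subtype of the Content-Type header verbatim as the extension, and contrasts that with a hardened version that maps the media type through a table, allowlists the result, and refuses any final path that does not stay under the download directory. The directory, basename and header values are constructed for the demonstration.

```python
import mimetypes
import os
import re


def sanitize_basename(name: str) -> str:
    """Hypothetical basename sanitizer standing in for the one the advisory
    says Dosage already had: path separators and '..' are neutralised."""
    name = re.sub(r"[\\/]", "_", name)
    name = name.replace("..", "_")
    return name or "unnamed"


def ext_from_content_type_vulnerable(content_type: str) -> str:
    """Assumed vulnerable pattern: the extension is the MIME subtype taken
    verbatim, so 'image/png' -> '.png' but a hostile 'image/../../../x'
    -> '.../../../x', which carries two '..' components into the path."""
    media_type = content_type.split(";", 1)[0].strip()
    subtype = media_type.partition("/")[2]
    return "." + subtype if subtype else ""


def build_path_vulnerable(base_dir: str, basename: str, content_type: str) -> str:
    """Sanitized basename plus unvalidated extension: the '..' sequences in the
    extension survive normalisation and walk out of base_dir."""
    filename = sanitize_basename(basename) + ext_from_content_type_vulnerable(content_type)
    return os.path.normpath(os.path.join(base_dir, filename))


_SAFE_EXT = re.compile(r"^\.[a-z0-9]{1,5}$")


def ext_from_content_type_hardened(content_type: str) -> str:
    """Map the media type to an extension through a lookup table instead of
    trusting the header text; unknown or odd-looking results get no extension."""
    media_type = content_type.split(";", 1)[0].strip().lower()
    ext = mimetypes.guess_extension(media_type)  # None for unknown types
    if ext is None or not _SAFE_EXT.match(ext):
        return ""
    return ext


def is_inside(base_dir: str, path: str) -> bool:
    """True if path stays within base_dir after normalisation."""
    base = os.path.abspath(base_dir)
    target = os.path.abspath(path)
    return os.path.commonpath([base, target]) == base


def build_path_hardened(base_dir: str, basename: str, content_type: str) -> str:
    filename = sanitize_basename(basename) + ext_from_content_type_hardened(content_type)
    target = os.path.join(os.path.abspath(base_dir), filename)
    # Defence in depth: even if a component slips through, refuse to escape.
    if not is_inside(base_dir, target):
        raise ValueError(f"refusing to write outside {base_dir}: {target}")
    return os.path.normpath(target)


if __name__ == "__main__":
    base = "/home/user/Comics"       # constructed example download directory
    hostile = "image/../../../x"     # constructed hostile Content-Type value
    print("vulnerable:", build_path_vulnerable(base, "strip", hostile))
    print("hardened:  ", build_path_hardened(base, "strip", hostile))
    print("benign:    ", build_path_hardened(base, "strip", "image/png; charset=binary"))
```

Run stand-alone, the vulnerable builder resolves the hostile header to /home/user/x, two levels above the download directory, while the hardened builder drops the extension and stays at /home/user/Comics/strip. The containment check is the backstop; the real fix is never letting header text reach the file name unvalidated.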
Impact
Successful exploitation lets an attacker write files to arbitrary paths outside the target download directory, with the privileges of the user running Dosage. This can overwrite existing files or plant new ones, with consequences that depend on where the file lands.
Remediation
Upgrade to Dosage 3.2 or later, where the vulnerability is fixed. Distributors shipping older versions can backport the fix.
