MigoXLab LMeterX Path Traversal Vulnerability in Upload Service
Vulnerability
A critical directory traversal vulnerability has been identified in MigoXLab LMeterX version 1.2.0. The issue arises in the upload_service.py file, specifically within the process_cert_files function. The vulnerability is caused by improper handling of the task_id parameter, which can be manipulated to escape the intended upload directory. This allows attackers to write files to arbitrary locations on the server. The vulnerability can be exploited remotely, and a public exploit is available.
Impact
Exploitation of this vulnerability allows for arbitrary file overwriting on the server.
Reproduction
The vulnerability can be reproduced by sending a POST request to the /api/upload endpoint. Include a crafted task_id parameter that contains directory traversal sequences, such as '../', to escape the upload directory. Attach a file, such as a certificate file, to the request.
Remediation
Users are advised to update to LMeterX version 1.2.1, where this vulnerability has been fixed.
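The root cause described above is a client-controlled task_id being joined into a filesystem path without validation. The following is an added example, not LMeterX's own process_cert_files code: it shows the weak pattern next to a hardened path builder that allow-lists task_id and verifies the resolved target stays inside the upload root. The function names, the regex and the upload root are assumptions.

```python
import re
from pathlib import Path

# Constructed example of a containment check for an upload service that
# builds a per-task directory from a client-supplied task_id. This is not
# the LMeterX project's code; every name here is an assumption.

TASK_ID_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


class UnsafePathError(ValueError):
    """Raised when a client-supplied value would escape the upload root."""


def cert_path_unsafe(upload_root: str, task_id: str, filename: str) -> Path:
    """The weak pattern: task_id is joined into the path unchecked, so any
    traversal sequence in it is carried straight into the final location."""
    return Path(upload_root) / task_id / filename


def cert_path_hardened(upload_root: str, task_id: str, filename: str) -> Path:
    """Mitigation: allow-list the task_id syntax, refuse separators in the
    filename, then confirm the fully resolved target is still inside
    upload_root. Both checks matter: the regex rejects the obvious cases,
    and the containment check catches anything normalisation exposes."""
    if not TASK_ID_RE.fullmatch(task_id):
        raise UnsafePathError(f"invalid task_id: {task_id!r}")
    if filename in ("", ".", "..") or Path(filename).name != filename:
        raise UnsafePathError(f"invalid filename: {filename!r}")
    root = Path(upload_root).resolve()
    target = (root / task_id / filename).resolve()
    # Path.is_relative_to() exists from Python 3.9; it is the post-resolve
    # containment check that defeats traversal regardless of input form.
    if not target.is_relative_to(root):
        raise UnsafePathError(f"path escapes upload root: {target}")
    return target


def is_contained(upload_root: str, task_id: str, filename: str) -> bool:
    """True if the hardened builder accepts the input, False if it rejects it."""
    try:
        cert_path_hardened(upload_root, task_id, filename)
        return True
    except UnsafePathError:
        return False
```

Logging each UnsafePathError with the offending task_id gives a simple detection signal for traversal attempts against the upload endpoint.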
