OpenViking Path Traversal Vulnerability in .ovpack Import Handling
Vulnerability
A path traversal vulnerability has been identified in OpenViking versions through 0.2.1, within the .ovpack import process. This vulnerability allows attackers to write files outside the designated import directory by crafting malicious ZIP archives that include traversal sequences, absolute paths, or drive prefixes in the member names. Such archives can overwrite or create arbitrary files with the privileges of the importing process.
Impact
Exploitation of this vulnerability can lead to unauthorized file creation or overwriting, potentially disrupting normal operations or causing data loss.
Reproduction
The vulnerability can be reproduced by creating a malicious .ovpack file whose ZIP member names use unsafe paths: relative paths that traverse out of the import directory, absolute paths, or Windows drive-prefixed paths. When such an archive is imported with the 'import_ovpack' function, the member paths are processed before they are validated, so the traversal takes effect.
Remediation
Users are advised to update to OpenViking version 0.2.3 or later, where this vulnerability has been fixed.
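As an added example (not OpenViking's code and not the fix shipped in 0.2.3), the following shows the validation an .ovpack importer needs: every ZIP member name is checked for traversal sequences, absolute paths and drive prefixes before anything is written, and the resolved target is re-checked against the import root. The function names and the sample member names are assumptions; import_to_temp builds a constructed in-memory archive purely to exercise the check.

```python
from __future__ import annotations
import io, os, tempfile, zipfile
from pathlib import PurePosixPath, PureWindowsPath

def unsafe_reason(name: str) -> str | None:
    """Why a member name must be rejected, or None if it may be extracted."""
    # Checked on the raw name, before any filesystem access, on every host OS.
    if not name or "\x00" in name:
        return "empty name or NUL byte"
    win = PureWindowsPath(name)
    if PurePosixPath(name).is_absolute() or win.drive or win.root:
        return "absolute path or drive prefix"
    # Accept both separator styles: some Windows ZIP writers emit backslashes.
    parts = [p for p in name.replace("\\", "/").split("/") if p not in ("", ".")]
    return "parent-directory traversal" if ".." in parts else None

def safe_extract(zip_bytes: bytes, dest_dir: str) -> list[str]:
    """Extract into dest_dir, refusing the whole archive if any member is unsafe."""
    dest_root = os.path.realpath(dest_dir)
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():  # validate every name before writing anything
            if reason := unsafe_reason(info.filename):
                raise ValueError(f"{info.filename!r}: {reason}")
        for info in zf.infolist():
            rel = info.filename.replace("\\", "/")
            target = os.path.realpath(os.path.join(dest_root, rel))
            # Defence in depth: the resolved path must still sit under dest_root.
            if os.path.commonpath([dest_root, target]) != dest_root:
                raise ValueError(f"{info.filename!r}: resolves outside destination")
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(rel)
    return written

def import_to_temp(members: dict[str, bytes]) -> tuple[list[str], str | None]:
    """Constructed sample: zip `members` in memory, import into a fresh temp dir."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    with tempfile.TemporaryDirectory() as dest:
        try:
            return safe_extract(buf.getvalue(), dest), None  # (files written, error)
        except ValueError as exc:
            return [], str(exc)
```

Because all names are validated before the first write, a single bad member aborts the import without leaving a partially extracted tree behind.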
