feng_ha_ha/production_ssm
- <= 4288d53bd35757b27f2d070057aefb2c07bdd097
A path traversal vulnerability allowing arbitrary file deletion has been identified in the production_ssm system, part of the feng_ha_ha/megagao SSM-ERP project. This issue affects versions of production_ssm prior to the commit 4288d53bd35757b27f2d070057aefb2c07bdd097. The vulnerability arises in the deleteFile function within FileServiceImpl.java, where the application fails to properly sanitize file path inputs. This oversight enables remote attackers to manipulate file paths using directory traversal sequences to delete files outside of the intended directory.
Exploitation of this vulnerability allows for arbitrary file deletion on the server, which could lead to the removal of critical application files or data.
To reproduce this vulnerability, send a POST request to the '/file/delete' endpoint with a 'fileName' parameter that includes directory traversal sequences, such as '..\..\..\123.txt'. The server will process the request and delete the specified file, bypassing normal file deletion restrictions.
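The mitigation is to resolve the requested name against a fixed upload directory and refuse anything that escapes it. The following is an added example, not code from production_ssm (the class name, the upload directory and the `deleteFile` signature are assumptions); it rejects separators and `..` sequences before anything is deleted.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added example, not the project's own code: a deleteFile that confines
// deletion to one base directory. Names and layout are hypothetical.
public class SafeFileDeletion {
    private final Path baseDir;

    public SafeFileDeletion(Path baseDir) throws IOException {
        // toRealPath resolves symlinks and normalizes, so the containment
        // check below compares canonical paths.
        this.baseDir = baseDir.toRealPath();
    }

    /** Deletes baseDir/fileName; returns false if the name is rejected or absent. */
    public boolean deleteFile(String fileName) throws IOException {
        if (fileName == null || fileName.isEmpty()) {
            return false;
        }
        // The endpoint only needs a bare file name, so any separator is rejected.
        // Both '/' and '\' act as separators on Windows, which the advisory's
        // backslash payload relies on.
        if (fileName.indexOf('/') >= 0 || fileName.indexOf('\\') >= 0) {
            return false;
        }
        Path target = baseDir.resolve(fileName).normalize();
        // Defence in depth: the resolved path must still lie inside baseDir
        // (this also stops a bare ".." or "." from being acted on).
        if (!target.startsWith(baseDir) || target.equals(baseDir)) {
            return false;
        }
        // Only plain files are deleted; symlinks inside the directory are refused
        // so that a link cannot be used to reach elsewhere.
        if (Files.isSymbolicLink(target) || !Files.isRegularFile(target)) {
            return false;
        }
        return Files.deleteIfExists(target);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a temporary upload directory with one file.
        Path uploads = Files.createTempDirectory("uploads");
        Files.writeString(uploads.resolve("report.txt"), "sample");
        SafeFileDeletion svc = new SafeFileDeletion(uploads);
        System.out.println("traversal rejected: " + !svc.deleteFile("..\\..\\..\\123.txt"));
        System.out.println("in-directory file deleted: " + svc.deleteFile("report.txt"));
    }
}
```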