SiYuan Personal Knowledge Management System Incomplete Denylist Vulnerability in IsSensitivePath Function Allows Unauthorized File Access

Vulnerability

A vulnerability exists in SiYuan personal knowledge management system versions prior to 3.6.2, where the IsSensitivePath() function employs an incomplete denylist approach. This flaw allows unauthorized access to multiple security-sensitive Linux directories, including /opt, /usr, /home, /mnt, /media, and /snap. The globalCopyFiles and importStdMd endpoints depend on IsSensitivePath for path validation, creating a risk of reading files outside the designated workspace.

Impact

Exploitation of this vulnerability allows for arbitrary file reading from several sensitive directories, including /opt, /usr, /home, /mnt, /media, and /snap. In Docker deployments, this could involve accessing application source code, configuration files, and mounted secrets. The fundamental flaw in the denylist approach means that any newly introduced filesystem path remains accessible until explicitly blocked.
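To make the denylist weakness concrete, here is an added Go example (constructed for this write-up; it is not SiYuan's IsSensitivePath, and the `denied` list, workspace path and sample paths are assumptions). It contrasts a prefix denylist with a check that confines every path to the workspace: the denylist accepts any directory it never heard of, while the workspace check rejects everything that does not resolve beneath the workspace root.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// Hypothetical denylist in the style the advisory describes: a fixed set of
// prefixes, so any directory not listed (e.g. /opt, /home) is implicitly allowed.
var denied = []string{"/etc", "/root", "/proc", "/sys", "/boot", "/dev", "/var"}

// denylistAllows returns true when p does not start with a denied prefix.
func denylistAllows(p string) bool {
	clean := filepath.Clean(p)
	for _, d := range denied {
		if clean == d || strings.HasPrefix(clean, d+string(filepath.Separator)) {
			return false
		}
	}
	return true
}

// insideWorkspace is the allowlist alternative: accept a path only when, after
// cleaning, it lies at or below the workspace root. Relative paths are joined to
// the workspace first; ".." segments are normalised away by Clean. A production
// check should additionally pass both sides through filepath.EvalSymlinks so a
// symlink inside the workspace cannot point outside it (omitted here because the
// sample paths do not exist on disk).
func insideWorkspace(workspace, p string) bool {
	root, err := filepath.Abs(workspace)
	if err != nil {
		return false
	}
	target := p
	if !filepath.IsAbs(p) {
		target = filepath.Join(root, p)
	}
	rel, err := filepath.Rel(root, filepath.Clean(target))
	if err != nil {
		return false
	}
	// Rel yields "." for the root itself and ".." or "../x" for anything above it.
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

func main() {
	ws := "/home/user/workspace"
	for _, p := range []string{"/etc/passwd", "/opt/app/config.yaml", "notes/a.md", "../other.md"} {
		fmt.Printf("%-22s denylist=%-5v workspace=%v\n", p, denylistAllows(p), insideWorkspace(ws, p))
	}
}
```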

Reproduction

The vulnerability can be reproduced through the globalCopyFiles endpoint of the SiYuan API. Because this endpoint validates paths only against the incomplete denylist, files from the unlisted sensitive directories can be copied into the user's workspace. Once copied, the files can be read through the getFile endpoint.

Remediation

Users can update to SiYuan version 3.6.2, which includes a complete fix for this vulnerability.

Added: Mar 20, 2026, 11:29 PM
Updated: Mar 20, 2026, 11:29 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 0.2
exploitability: 5.8
remediation: 7.7
relevance: 4.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.