goshs Path Traversal Vulnerability in PUT Upload Prior to 2.0.0-beta.3
Vulnerability
A path traversal vulnerability has been identified in goshs, a SimpleHTTPServer written in Go, in versions through 2.0.0-beta.2. The issue arises in the PUT upload functionality of httpserver/updown.go, where uploaded file paths are not properly sanitized. This lack of sanitization allows for unauthenticated arbitrary file writes anywhere on the filesystem. The vulnerability is triggered by sending a PUT request with a crafted URL path that exploits the absence of path validation.
Impact
Exploitation of this vulnerability allows for unauthenticated arbitrary file writes to any location on the filesystem, potentially leading to overwriting critical system files or injecting malicious files that could be executed.
Reproduction
To reproduce this vulnerability, send a PUT request to the server with a URL path that includes URL-encoded traversal sequences. The server will accept the unsanitized path and write the uploaded file to the specified location, bypassing any directory restrictions.
Remediation
Users are advised to update to goshs version 2.0.0-beta.3 or later, where this vulnerability has been fixed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.