This is a summary of the AI-generated 10-question deep analysis.
Q1: What is this vulnerability? (Essence + Consequences)
**Essence**: Convoy Panel < 4.4.1 suffers from a **Directory Traversal** flaw in the `LocaleController`.…
**Root Cause**: **CWE-22 (Improper Limitation of a Pathname to a Restricted Directory)**. The `LocaleController` fails to sanitize user-supplied path input, so a manipulated path can escape the intended directory structure.
Q3: Who is affected? (Versions/Components)
**Affected**: **Convoy Panel** versions **prior to 4.4.1**. The flaw is in the **LocaleController** component; Convoy Panel is used by hosting providers and enthusiasts.
**Exploitation Threshold**: **LOW**. The CVSS vector `AV:N/AC:L/PR:N/UI:N` means: network accessible, low attack complexity, no authentication required, no user interaction needed. Easy to exploit.
Q6: Is there a public exploit? (PoC/Wild Exploitation)
**Public Exploit**: **No**. The `pocs` field is empty. However, the vulnerability is confirmed via GitHub Advisory GHSA-43g3-qpwq-hfgg. Wild exploitation is likely imminent given the low barrier.
Q7: How to self-check? (Features/Scanning)
**Self-Check**: Scan for Convoy Panel instances and check their version numbers. Look for `LocaleController` endpoints in network traffic.…
**Official Fix**: **YES**. Patched in **Convoy Panel 4.4.1**. Commit: `f8d6202f3e4912b65dbd9f80ba625576944ab36c`. Update immediately to the latest version.
Q9: What if no patch? (Workaround)
**No Patch Workaround**: If you cannot update: restrict network access to the panel (firewall/WAF); disable the `LocaleController` if possible; monitor logs for unusual file access patterns.
Q10: Is it urgent? (Priority Suggestion)
**Urgency**: **CRITICAL**. CVSS score is **High** (likely 9.8+). No authentication required. A public advisory exists. **Action**: Patch NOW. Do not wait for an exploit to appear in the wild.