CVE-2024-40624— TorrentPier 安全漏洞

Deserialization of untrusted data in torrentpier/torrentpier

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In `torrentpier/library/includes/functions.php`, `get_tracks()` uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to an arbitrary file, and execute commands on the system. For instance, the cookie bb_t will be deserialized when browsing to viewforum.php. This issue has been addressed in commit `ed37e6e52` which is expected to be included in release version 2.4.4. Users are advised to upgrade as soon as the new release is available. There are no known workarounds for this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

可信数据的反序列化

TorrentPier 安全漏洞

Torrentpier TorrentPier是Torrentpier公司的一个公牛驱动的 BitTorrent 公共/私人跟踪器引擎。 TorrentPier存在安全漏洞，该漏洞源于 get_tracks 方法使用不安全的原生PHP序列化格式来反序列化用户控制的cookie。

N/A

N/A