Vulnerability Information
Vulnerability Title
FileBrowser Quantum: Path Traversal in public share PATCH allows file ops outside shared directory
Vulnerability Description
FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted d.share.Path BEFORE the downstream sanitizer runs. Because filepath.Join collapses .. segments during the join, the sanitizer in resourcePatchHandler never sees the traversal and the move/copy/rename operates on a path outside the shared directory. The same root-cause pattern was patched for the bulk DELETE endpoint as CVE-2026-44542 (GHSA-fwj3-42wh-8673), but the PATCH handler with the identical pattern was not updated. A public share link with AllowModify=true is sufficient to exploit this. Anyone holding such a link can move, copy, or rename arbitrary files within the share owner's source root. This issue has been fixed in versions 1.3.3-stable and 1.4.2-beta.
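The ordering bug described above, as an added Go example written for this page (it is not FileBrowser Quantum's code): a stand-in sanitizer named hasDotDot, the share root /srv/share and the traversal input are all assumptions constructed for the illustration. joinThenSanitize joins first and checks second, so filepath.Join has already collapsed the ".." segments by the time the check runs; resolveInShare joins and then verifies that the result is still under the share root.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var ErrOutsideShare = errors.New("path escapes share root")

// hasDotDot stands in for a downstream sanitizer that rejects ".." segments
// (an assumption for this example, not the project's own sanitizer).
func hasDotDot(p string) bool {
	for _, seg := range strings.Split(filepath.ToSlash(p), "/") {
		if seg == ".." {
			return true
		}
	}
	return false
}

// joinThenSanitize is the vulnerable ordering: filepath.Join collapses the
// ".." segments first, so the sanitizer sees a clean path and passes it.
func joinThenSanitize(shareRoot, userPath string) (full string, flagged bool) {
	full = filepath.Join(shareRoot, userPath)
	return full, hasDotDot(full)
}

// resolveInShare is the corrected ordering: join, then confirm the result is
// still at or below shareRoot; filepath.Rel reports any escape as "..".
func resolveInShare(shareRoot, userPath string) (string, error) {
	full := filepath.Join(shareRoot, userPath)
	rel, err := filepath.Rel(shareRoot, full)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideShare
	}
	return full, nil
}

func main() {
	root, evil := "/srv/share", "../../etc/passwd" // constructed sample values
	full, flagged := joinThenSanitize(root, evil)
	fmt.Printf("vulnerable: %s (sanitizer flagged: %v)\n", full, flagged)
	_, err := resolveInShare(root, evil)
	fmt.Println("fixed:", err)
}
```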
CVSS Information
N/A
Vulnerability Type
Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)
Vulnerability Title
Graham Steffaniak FileBrowser Quantum Path Traversal Vulnerability
Vulnerability Description
gtsteffaniak filebrowser is a file management server by gtsteffaniak. Graham Steffaniak FileBrowser Quantum contains a path traversal vulnerability. It arises because the backend publicPatchHandler joins the user-controlled fromPath and toPath fields with the trusted d.share.Path before the sanitizer runs; filepath.Join collapses .. segments during the join, so the sanitizer in resourcePatchHandler cannot detect the traversal, allowing file operations outside the shared directory. The following versions are affected: 1.
CVSS Information
N/A
Vulnerability Type
N/A