[PTP] qB 4.5.1 security issue
PassthePopcorn: qBittorrent 4.5.1 WebUI Vulnerability
A vulnerability has been reported in qBittorrent 4.5.1 running on Windows with the webui enabled.
A bug allows a remote attacker to read files and traverse your filesystem using the webui uri.
Please disable the webui to secure your machine and follow the bug report awaiting a fix!
The bug report can be found here: **** Hidden Message *****
Cheers,
-alamak
Confirmed by members to be vulnerable on:
qBit 4.5.1 - infinitycircuit
qBit 4.5.0 - flashgit
Quote:
qBittorrent & operating system versions
qBitTorrent version: 4.5.1 (latest stable as of today).
Operating System: Windows 10, version 22H2. x64 architecture.
What is the problem?
I ran a Nessus vulnerability scan on a machine running qBitTorrent and found that the Web UI can be used to access arbitrary files on the host's filesystem - unauthenticated - via what appears to be a path traversal vulnerability.
Have done some searches on your bug tracker for an existing bug report - and can't find one, so am raising this. Note that this is my first open source bug report - so apologies if I've missed anything. Please let me know if there's anything you need from me.
Steps to reproduce
If you were on my network, you'd do the following:
Enable the qBitTorrent web UI (in my case it runs on port 8080)
From a command prompt, run curl -i "http://192.168.2.8:8080/..\..\..\..\..\windows\win.ini"
Expected result: a 403 or 404 response
Actual result: the win.ini file from the remote machine is displayed
Have attached a screenshot where I create a file on the remote machine then retrieve that file unauthenticated from my laptop.
Additional context
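The fix a defender wants for the traversal reported above is a resolver that normalises every separator style the host accepts and refuses anything that escapes the web root. The following is an added example, not code from the forum post or from qBittorrent itself; the WEBROOT value and both function names are hypothetical.

```python
import posixpath
from urllib.parse import unquote

# Hypothetical web root; any absolute POSIX path works for the demo.
WEBROOT = "/opt/qbittorrent/webui"


def resolve_webui_path(request_path: str, webroot: str = WEBROOT):
    """Map a request path to a file under webroot, or return None.

    Percent-decoding is applied twice to catch double-encoded dots.
    Backslashes are treated as separators because Windows does, so a
    server that only looks for '../' misses the '..\\..\\' form that
    the report above used. The result is normalised with POSIX rules
    and accepted only if it still has webroot as a directory prefix.
    """
    decoded = unquote(unquote(request_path)).replace("\\", "/")
    decoded = decoded.split("?", 1)[0]        # query string never selects a file
    if "\x00" in decoded:                     # NUL can truncate paths in native code
        return None
    relative = decoded.lstrip("/")            # always resolve relative to webroot
    candidate = posixpath.normpath(posixpath.join(webroot, relative))
    base = webroot.rstrip("/")
    # The trailing slash on the prefix stops '/webui-secrets' matching '/webui'.
    if candidate != base and not candidate.startswith(base + "/"):
        return None
    return candidate


def is_traversal_attempt(request_path: str) -> bool:
    """Log-side check: flag any request whose decoded path has a '..' segment."""
    decoded = unquote(unquote(request_path)).replace("\\", "/")
    return ".." in decoded.split("/")


if __name__ == "__main__":
    # Constructed request paths, including the backslash form from the report.
    for p in ["/index.html", "/..\\..\\..\\..\\..\\windows\\win.ini",
              "/css/..%2F..%2Fetc/passwd", "/%252e%252e/secret"]:
        print(repr(p), "->", resolve_webui_path(p), "| traversal:", is_traversal_attempt(p))
```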
Thanks to the OP for taking the trouble to post this, and thanks for sharing!