【PTP】qB4.5.1安全问题

PassthePopcorn：qBittorrent 4.5.1 WebUI Vulnerability



A vulnerability has been reported in qBittorrent 4.5.1 running on Windows with the webui enabled.

A bug allows a remote attack to read files and traverse your filesystem using the webui uri.

Please disable the webui to secure your machine and follow the bug report awaiting a fix!


The bug report can be found here:

游客，如果您要查看本帖隐藏内容请回复

Cheers,

-alamak
                                                                                                                             
Confirmed by members to be vulnerable on:
qBit 4.5.1 - infinitycircuit
qBit 4.5.0 - flashgit
引用

qBittorrent & operating system versions

qBitTorrent version: 4.5.1 (latest stable as of today).
Operating System: Windows 10, version 22H2. x64 architecture.

What is the problem?

I ran a Nessus vulnerability scan on a machine running qBitTorrent and found that the Web UI can be used to access arbitrary files on the host's filesystem - unauthenticated - via what appears to be a path traversal vulnerability.

Have done some searches on your bug tracker for an existing bug report - and can't find one, some am raising this. Note that this is my first open source bug report - so apologies if I've missed anything. Please let me know if there's anything you need from me.
Steps to reproduce

If you were on my network, you'd do the following:

Enable the qBitTorrent web UI (in my case it runs on port 8080)
From a command prompt, run curl -i "http://192.168.2.8:8080/..\..\..\..\..\windows\win.ini"

Expected result: a 403 or 404 response
Actual result: the win.ini file from the remote machine is displayed

Have attached a screenshot where I create a file on the remote machine then retrieve that file unauthenticated from my laptop.
Additional context

楼主发贴辛苦了，谢谢楼主分享！