Vulnerability CVE-2020-16136


Published: 2020-07-31

Description:
In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server process) via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files, however.

Type:

CWE-732

CVSS2 => (AV:N/AC:L/Au:S/C:C/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None
Affected software
Tgstation13 -> Tgstation-server 

 References:
https://github.com/tgstation/tgstation-server
https://github.com/tgstation/tgstation-server/security/advisories/GHSA-r8pp-42wr-2gc4

Copyright 2020, cxsecurity.com

 

Back to Top