
๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



📚 Node.js third-party modules: [zenn-cli] Path traversal on Windows allows the attacker to read arbitrary .md files


💡 News category: Security vulnerabilities
🔗 Source: vulners.com


Summary

I would like to report path traversal in zenn-cli. It allows the attacker to read arbitrary .md files.

Module

module name: zenn-cli
version: 0.1.39
npm page: https://www.npmjs.com/package/zenn-cli

Module Description

Manage Zenn content locally

Module Stats

885 weekly downloads

Vulnerability

Vulnerability Description

Due to improper sanitization in packages/zenn-cli/utils/api/articles.ts (the file changed by the patch below), it's possible to bypass the sanitization with \ on Windows, which allows the attacker to read an arbitrary .md file from the victim's machine. The check only rejects forward-slash traversal, but on Windows the path APIs treat \ as a directory separator too, so a backslash-separated ..\ sequence escapes the articles directory.

Steps To Reproduce:

1. Create test directory: `mkdir zenn-test && cd zenn-test`
2. Initialize npm project: `npm init --yes`
3. Install zenn-cli: `npm install zenn-cli`
4. Initialize zenn-cli: `npx zenn init`
5. Create an article: `npx zenn new:article`
6. Start preview server: `npx zenn preview`
7. Open http://localhost:8000 in your browser.
8. Click the article that you created in step 5.
9. Find the URL in the following format in the Network tab of DevTools: `http://localhost:8000/_next/data/[Random String]/articles/[Slug of an article].json`
10. Modify the URL you found above to the following (`%5c` is a URL-encoded backslash) and send the request: `http://localhost:8000/_next/data/[Copy the random string from step 9]/articles/%5c..%5cREADME.json`
11. You'll receive the content of the README.md that is outside of the articles directory.

Patch

```diff
diff --git a/packages/zenn-cli/utils/api/articles.ts b/packages/zenn-cli/utils/api/articles.ts
index 294e7f3..06bfc7f 100644
--- a/packages/zenn-cli/utils/api/articles.ts
+++ b/packages/zenn-cli/utils/api/articles.ts
@@... ...
```



Related items (site relevance score in points):

📌 U.S. Dept Of Defense: Path traversal on https://███ allows arbitrary file read (CVE-2020-3452) (39.52 points)
📌 A vulnerability in VoIPmonitor allows an unauthenticated attacker to execute arbitrary code: CVE-2021-30461 (32.82 points)
📌 Homebrew: Broken parsing of Git diff allows an attacker to inject arbitrary Ruby scripts to Casks on official taps (32.82 points)
📌 Bugtraq: OSS-2016-02: Weak authentication in NXP Hitag S transponder allows an attacker to read, write and clone any tag (32.1 points)
📌 The flaw in the popular file uploader allows an attacker to upload files and run their own command line shell on any affected server. (31.31 points)
📌 An attacker can use rowhammer attacks to induce bit flips, thereby leaking the victim's secret data via a side channel. (28.51 points)
📌 Attacker-Group-Predictor - Tool To Predict Attacker Groups From The Techniques And Software Used (28.51 points)
📌 Node.js: Path traversal through path stored in Uint8Array (28.33 points)
📌 Internet Bug Bounty: Path traversal through path stored in Uint8Array in Node.js 20 (28.33 points)
📌 Windows Zero-Day Bug Allows Overwriting Files with Arbitrary Data (27.5 points)
📌 CVE-2005-10002 | almosteffortless secure-files Plugin up to 1.1 on WordPress secure-files.php sf_downloads downloadfile path traversal (27.22 points)
📌 772 third parties can access your Outlook data; “allows Microsoft to read the emails” (27.12 points)
📌 PHP Project Management /modules/files/list.php def_lang directory traversal (25.82 points)
📌 PowerPortal 1.1b/1.3/1.3b modules.php files directory traversal (25.82 points)
📌 CVE-2022-34375 | Dell Container Storage Modules 1.2 goiscsi/gobrick path traversal (dsa-2022-202) (25.66 points)
📌 Bugtraq: Seagate Media Server allows deleting of arbitrary files and folders (25.63 points)
📌 SHAREit App Vulnerabilities Allows Hackers to Bypass Android Device & Download Arbitrary Files Remotely (25.63 points)
📌 Jscythe - Abuse The Node.Js Inspector Mechanism In Order To Force Any Node.Js/Electron/V8 Based Process To Execute Arbitrary Javascript Code (25.23 points)
📌 Practical C++20 Modules and the future of tooling around C++ Modules with Cameron DaCamara (25.15 points)
📌 GitHub - ZehMatt/zasm-modules: Generating binary modules with zasm (25.15 points)
📌 [remote] - macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read (25.02 points)
📌 Privilege Escalation Flaw in Cisco ASA Allows Attackers To Read or Write Files in the System (24.91 points)
📌 WhatsApp Vulnerability Allows For an Attacker to Crash The App and Delete Group Chats (24.24 points)
📌 Analysis of Android SuperVPN app that allows attacker to exchange VPN gateway (24.24 points)
📌 Google Android RCE Bug Allows Attacker Full Device Access (24.24 points)
📌 TikTok: Lack of rate limitation on careers site allows the attacker to brute force the verification code (24.24 points)
