SABnzbd allows arbitrary file write. The filesystem.renamer()
function allows writing of downloaded files outside the configured download folder using a malicious PAR2 file.
CPE | Name | Operator | Version |
---|---|---|---|
sabnzbdplus:sid | eq | 3.1.1+dfsg-1 | |
sabnzbdplus:buster | eq | 2.3.6+dfsg-1+deb10u1 |