CVSS3

Metric | Value
---|---
Base Score | 7.8 High
Attack Vector | LOCAL
Attack Complexity | LOW
Privileges Required | NONE
User Interaction | REQUIRED
Scope | UNCHANGED
Confidentiality Impact | HIGH
Integrity Impact | HIGH
Availability Impact | HIGH
Vector String | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

Metric | Value
---|---
Score | 0.001 Low
Percentile | 19.9%
github.com/schollz/croc is vulnerable to Arbitrary File Write through crafted file paths. The vulnerability is due to the Croc protocol, which allows senders to specify an arbitrary path for a file transfer. If the recipient does not already have a file with the same name, an attacker can exploit this to write files beyond the intended directory by altering file paths without the recipient's notice. By guessing or determining the receiver's home directory path and using relative paths such as ../.ssh/authorized_keys, an attacker can potentially compromise the recipient's system.
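The defensive check that the description implies, as an added example that is not croc's own code: the receiver resolves the sender-supplied file name against its chosen destination directory and refuses any result that lands outside it, which is what stops a `../.ssh/authorized_keys` name from reaching the home directory. The function name `SafeDestination`, the destination path and the sample file names are constructed for this illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrEscapesDestination is returned when a sender-supplied file path would
// resolve to a location outside the receiver's destination directory.
var ErrEscapesDestination = errors.New("file path escapes destination directory")

// SafeDestination joins a sender-supplied relative file name onto the
// receiver's destination directory and refuses any result that lands outside
// it. Hypothetical hardening check written for this page, not croc code.
func SafeDestination(destDir, senderPath string) (string, error) {
	if senderPath == "" {
		return "", errors.New("empty file path")
	}
	// Treat backslashes as separators too, so "..\\" cannot bypass the
	// check when a POSIX receiver is handed a Windows-style name.
	slashed := strings.ReplaceAll(senderPath, "\\", "/")
	// A sender has no business naming an absolute location on the receiver.
	if strings.HasPrefix(slashed, "/") || filepath.IsAbs(filepath.FromSlash(slashed)) {
		return "", ErrEscapesDestination
	}
	base, err := filepath.Abs(destDir)
	if err != nil {
		return "", err
	}
	// Join cleans the result, collapsing any "a/../b" segments.
	candidate := filepath.Join(base, filepath.FromSlash(slashed))
	// Rel reports where the cleaned result sits relative to the base; a
	// leading ".." means it climbed out of the destination directory.
	rel, err := filepath.Rel(base, candidate)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrEscapesDestination
	}
	return candidate, nil
}

func main() {
	// Constructed sample inputs: benign names and traversal attempts of the
	// kind the advisory describes.
	dest := "/home/alice/downloads"
	for _, name := range []string{
		"photo.jpg",
		"reports/q3.pdf",
		"../.ssh/authorized_keys",
		"docs/../../.bashrc",
		"/etc/passwd",
	} {
		if path, err := SafeDestination(dest, name); err != nil {
			fmt.Printf("REJECT %-28q %v\n", name, err)
		} else {
			fmt.Printf("ACCEPT %-28q -> %s\n", name, path)
		}
	}
}
```

The check is done on the cleaned, joined path rather than by scanning the raw string for `..`, so encoded or nested variants such as `docs/../../x` are caught the same way as a plain `../x`.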
CPE

Name | Operator | Version
---|---|---
github.com/schollz/croc | le | v9.6.5