Limited Black Friday Offer:

NocoDB version <= 0.106.1 - Arbitrary File Read CVE-2023-35843 Scanner

There is an arbitrary file read vulnerability in NocoDB version <= 0.106.1, which allow remote attackers to read arbitrary files.

Short Info

Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

NocoDB version <= 0.106.1 - Arbitrary File Read CVE-2023-35843 Scanner Detail

NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information.

https://advisory.dw1.io/60
https://github.com/nocodb/nocodb/blob/6decfa2b20c28db9946bddce0bcb1442b683ecae/packages/nocodb/src/lib/controllers/attachment.ctl.ts#L62-L74
https://github.com/nocodb/nocodb/blob/f7ee7e3beb91d313a159895d1edc1aba9d91b0bc/packages/nocodb/src/controllers/attachments.controller.ts#L55-L66