etcd-browser icon indicating copy to clipboard operation
etcd-browser copied to clipboard
verified publisher icon henszey

Security Issue Identified

Open KevinRandall1337 opened this issue 2 years ago • 0 comments

Hello Developers:

Upon doing some security research, I have identified an issue pertaining to the server.js file of etcd-browser.

The application is vulnerable to a directory traversal vulnerability. This was identified from the docker instance found here: https://hub.docker.com/r/buddho/etcd-browser

This was installed on my local laptop. The issue identified is a Directory Traversal vulnerability where the server runs (Ex: Default port of 8000) Evidence available upon request. Directories accessed include: /etc/ and /proc along with others. Looking forward to hearing back.

KevinRandall1337 avatar Aug 09 '23 15:08 KevinRandall1337