Описание
In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to any file in the server's file structure, thereby overwriting it. This vulnerability can be exploited to overwrite any file on the target server with a trained model file, although the content of the overwrite is not controllable by the attacker.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:h2o:h2o:3.46.0:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00145
Низкий
7.1 High
CVSS3
Дефекты
CWE-36
Связанные уязвимости
CVSS3: 7.1
github
11 месяцев назад
H2O Vulnerable to Arbitrary File Overwrite via File Export
EPSS
Процентиль: 35%
0.00145
Низкий
7.1 High
CVSS3
Дефекты
CWE-36