Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
3DescriptionGitHub Advisory
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/filesystem/pathexists endpoint uses String.startsWith() to validate that a resolved file path is within a library folder. This check fails for sibling directories whose names share a common prefix (e.g., /audiobooks vs /audiobooks-private), allowing authenticated users with upload permission to probe file existence outside their authorized library folder boundaries. This vulnerability is fixed in 2.32.2.
AnalysisAI
Authenticated users with upload permission in Audiobookshelf prior to 2.32.2 can enumerate files outside their authorized library folder through a path traversal vulnerability in the POST /api/filesystem/pathexists endpoint. The vulnerability exploits a weak String.startsWith() validation that fails to distinguish between sibling directories with shared prefixes (e.g., /audiobooks and /audiobooks-private), allowing information disclosure about file existence across library boundaries despite authentication requirements. No public exploit code or active exploitation has been identified at time of analysis.
Technical ContextAI
Audiobookshelf uses String.startsWith() to validate that resolved file paths remain within a user's authorized library directory, a common but flawed approach to path boundary checking. This method fails when directory names share prefixes - for example, if a user is authorized for /audiobooks, the path /audiobooks-private would pass validation because it starts with /audiobooks, even though the real path is outside the intended boundary. This is a classic instance of CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), where insufficient canonicalization and validation of file path input allows directory traversal. The vulnerability is specific to the POST /api/filesystem/pathexists endpoint, which appears to be used to check file existence without enforcing proper scope isolation.
RemediationAI
Upgrade Audiobookshelf to version 2.32.2 or later, which corrects the path validation logic to properly check for path boundaries without relying on prefix matching. If immediate upgrade is not feasible, restrict upload permission to trusted users only and monitor POST requests to /api/filesystem/pathexists for unusual path patterns (e.g., requests probing sibling directories or parent paths). Note that this compensating control does not eliminate the vulnerability but reduces the pool of potential attackers and may increase detection likelihood. The patch is available from the official Audiobookshelf repository and should be deployed after testing in a non-production environment to ensure compatibility with custom library configurations.
More in Audiobookshelf
View allAudiobookshelf is a self-hosted audiobook and podcast server. Rated high severity (CVSS 8.2), this vulnerability is remo
Audiobookshelf is a self-hosted audiobook and podcast server. Rated medium severity (CVSS 6.9), this vulnerability is re
Audiobookshelf is a self-hosted audiobook and podcast server. Rated medium severity (CVSS 6.5), this vulnerability is re
Audiobookshelf is a self-hosted audiobook and podcast server. Rated medium severity (CVSS 6.5), this vulnerability is re
Stored XSS in Audiobookshelf prior to version 2.32.0 enables privileged users to inject malicious code into library meta
Audiobookshelf is a self-hosted audiobook and podcast server. Rated medium severity (CVSS 4.8), this vulnerability is re
audiobookshelf is a self-hosted audiobook and podcast server. Rated medium severity (CVSS 4.3), this vulnerability is re
Audiobookshelf is a self-hosted audiobook and podcast server. Rated high severity (CVSS 7.5), this vulnerability is remo
Audiobookshelf is a self-hosted audiobook and podcast server. Rated high severity (CVSS 7.5), this vulnerability is remo
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the podcast creation endpoint at server/c
Authenticated users with download permissions in Audiobookshelf prior to 2.32.2 can download files from libraries they d
Denial-of-service in Audiobookshelf prior to version 2.32.2 allows authenticated admin users to crash the server by uplo
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29208