
zrok CVE-2026-45576

HIGH
Path Traversal (CWE-22)
2026-05-19 https://github.com/openziti/zrok GHSA-c656-jcx2-7pqj

Lifecycle Timeline

Source Code Evidence Fetched: May 19, 2026 - 16:31 (vuln.today)
Analysis Generated: May 19, 2026 - 16:31 (vuln.today)

Description (NVD)

Summary

Alice runs zrok2 copy from a WebDAV or zrok drive controlled by Bob into a local filesystem target. Bob returns a DAV href such as /../outside.txt. The sync pipeline stores that path in the source inventory and passes it to FilesystemTarget.WriteStream, which joins it with the target root and creates the file outside Alice's selected directory.
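The defect described above is an unchecked join of a remote-supplied href onto the local destination root. The following is an added example (not zrok's code) of the containment check a filesystem target should apply before creating any file: SafeJoin, FilterInventory, the root /tmp/alice-dest and the inventory entries other than /../outside.txt are all constructed for illustration. It rejects ".." segments outright and then re-verifies, after filepath.Join has cleaned the path, that the result still lies under the root.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned for any remote-supplied path that would land
// outside the local destination directory.
var ErrOutsideRoot = errors.New("remote path escapes destination root")

// SafeJoin is a hypothetical containment check (not zrok's code) standing in
// for the unchecked join the advisory describes. root is the destination
// directory the local user chose; href is a slash-separated path supplied by
// the remote WebDAV/zrok share. It returns the on-disk path only if that path
// stays inside root.
func SafeJoin(root, href string) (string, error) {
	// Policy: a well-behaved share never needs to send ".." segments, so
	// reject them outright instead of resolving them. This also yields a
	// clear log line as soon as a share starts misbehaving.
	for _, seg := range strings.Split(strings.Trim(href, "/"), "/") {
		if seg == ".." {
			return "", ErrOutsideRoot
		}
	}

	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	// filepath.Join cleans its result, so "root//../x" collapses to the parent
	// directory here. The Rel check below is the backstop for anything the
	// segment scan did not catch.
	joined := filepath.Join(absRoot, filepath.FromSlash(href))

	rel, err := filepath.Rel(absRoot, joined)
	if err != nil {
		return "", err
	}
	if rel == "." {
		return "", errors.New("remote path names the destination root itself")
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	return joined, nil
}

// FilterInventory applies SafeJoin to every href in a source inventory and
// splits it into writable paths and rejected hrefs, so the sync loop can
// refuse bad entries before any file is created.
func FilterInventory(root string, hrefs []string) (accepted map[string]string, rejected []string) {
	accepted = make(map[string]string)
	for _, h := range hrefs {
		p, err := SafeJoin(root, h)
		if err != nil {
			rejected = append(rejected, h)
			continue
		}
		accepted[h] = p
	}
	return accepted, rejected
}

func main() {
	// Constructed inventory: legitimate entries mixed with the kind of href
	// the advisory describes (sample values, not taken from a real share).
	inventory := []string{
		"docs/report.txt",
		"/../outside.txt",
		"a/../../outside.txt",
		"/../../escape.txt",
	}
	ok, bad := FilterInventory("/tmp/alice-dest", inventory)
	for h, p := range ok {
		fmt.Printf("write   %-24s -> %s\n", h, p)
	}
	for _, h := range bad {
		fmt.Printf("reject  %s\n", h)
	}
}
```

The check is lexical: it guarantees the computed path string is under the root, but not that the root itself is free of symlinks pointing elsewhere. A target that must also defend against that would resolve the root with filepath.EvalSymlinks before joining and open files with flags that refuse to follow symlinks.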

Impact

Users given access to a zrok share may be able to traverse the directory tree arbitrarily with the sharing user's credentials, allowing sensitive information to be overwritten.

Analysis (AI)

Path traversal in OpenZiti zrok allows a malicious WebDAV/zrok share operator to write files outside the victim's selected destination directory when the victim runs 'zrok2 copy' against the attacker-controlled share. Affected versions include zrok v2 prior to 2.0.3 and the legacy zrok 0.4.23 through 1.1.11 (no fix released for the legacy line). …


Remediation (AI)

Within 24 hours: Identify all OpenZiti zrok v2 (pre-2.0.3) and legacy zrok (0.4.23-1.1.11) instances in your infrastructure. Within 7 days: Upgrade all zrok v2 installations to version 2.0.3 or later; for legacy zrok users, initiate migration to v2.0.3+ or implement network controls restricting copy operations to authorized sources. …



CVE-2026-45576 vulnerability details – vuln.today
