Skip to main content

Siderolabs Omni CVE-2026-45723

LOW
Improper Input Validation (CWE-20)
2026-06-05 https://github.com/siderolabs/omni GHSA-c66c-vq6w-fvh5
2.7
CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY
2.7 LOW
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 05, 2026 - 15:51 vuln.today
Analysis Generated
Jun 05, 2026 - 15:51 vuln.today

DescriptionGitHub Advisory

Summary

managementServer.CreateSchematic (internal/backend/grpc/schematics.go) passes the caller-controlled TalosVersion field directly to imageFactoryClient.OverlaysVersions, which embeds it verbatim into a fmt.Sprintf("/version/%s/overlays/official", talosVersion) path template. url.URL.JoinPath resolves any ../ sequences in that path, allowing an authenticated Operator to rewrite the URL path and force Omni to issue HTTP GET requests to unintended paths on the configured image-factory server. Error body content from those unintended endpoints is returned to the caller.

Severity

  • Attack Vector: Network: exploited via the gRPC CreateSchematic API endpoint.
  • Attack Complexity: Low: once the attacker holds an Operator credential and has identified a media ID with an overlay, exploitation is a single API call.
  • Privileges Required: High: role.Operator is required, which has administrative capabilities on Omni.
  • User Interaction: None.
  • Scope: Unchanged: the traversal is constrained to the configured image-factory host; the attacker cannot redirect Omni to an arbitrary external server.
  • Confidentiality Impact: Low: error body content from unintended image-factory endpoints is reflected back to the operator, potentially leaking server-internal information.
  • Integrity Impact: None: only HTTP GET requests are issued; no write operations are performed.
  • Availability Impact: None.

Impact

  • Same-host path traversal: An authenticated Operator can force Omni to issue GET requests to arbitrary URL paths on the configured image-factory server, bypassing the intended versioned overlay API structure.
  • Error-body disclosure: HTTP error responses from unintended image-factory endpoints are reflected back to the operator, potentially leaking server-internal diagnostics or sensitive path content.
  • Internal network probing: In deployments using a private image-factory instance on an internal network, the attacker can probe endpoint existence and partial responses through error-text differences.
  • Depth control: By varying the number of ../ prefixes in talosVersion, the attacker can reach any path hierarchy on the image-factory host.

Credit

This vulnerability was discovered and reported by bugbunny.ai.

AnalysisAI

Path traversal in Siderolabs Omni's CreateSchematic gRPC endpoint allows an authenticated Operator to force the server to issue HTTP GET requests to arbitrary paths on the configured image-factory host by injecting ../ sequences into the TalosVersion field. The CVSS score of 2.7 (PR:H, C:L) reflects that exploitation requires a high-privilege Operator credential and yields only limited confidentiality impact - error body content from unintended image-factory endpoints is reflected back to the caller. No public exploit or CISA KEV listing exists at time of analysis, placing this in a low-priority patch tier for most deployments.

Technical ContextAI

The vulnerable code resides in internal/backend/grpc/schematics.go within the managementServer.CreateSchematic handler. The caller-supplied TalosVersion gRPC field is passed unsanitized to imageFactoryClient.OverlaysVersions, which embeds it verbatim into a fmt.Sprintf("/version/%s/overlays/official", talosVersion) path template. Go's url.URL.JoinPath resolves ../ dot-segment sequences per RFC 3986, allowing traversal above the intended path hierarchy. CWE-20 (Improper Input Validation) is the root cause class - the server trusts caller-controlled input for URL path construction without stripping traversal characters or canonicalizing the resulting path before use. The affected package is pkg:go/github.com_siderolabs_omni (Go module github.com/siderolabs/omni).

RemediationAI

Upgrade to Siderolabs Omni v1.6.6 for 1.6.x deployments or v1.7.3 for 1.7.x deployments; binaries and release notes are available at https://github.com/siderolabs/omni/releases/tag/v1.6.6 and https://github.com/siderolabs/omni/releases/tag/v1.7.3. Before upgrading to v1.6.6, operators must remove all deprecated flags and config keys introduced in v1.4.0 (including --audit-log-dir, --secondary-storage-path, --machine-log-storage-path, and others listed in the release notes) as their presence will cause startup failure. Operators upgrading from versions older than v1.4.0 must first upgrade to a v1.4.x release to complete data migrations before targeting v1.6.6. If immediate patching is not feasible, restrict role.Operator assignments to the minimum set of trusted accounts; this does not eliminate the vulnerability but reduces the attacker population. No other workarounds that address the root input-validation defect without patching are documented in the advisory.

Share

CVE-2026-45723 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy