Severity by source
Network-accessible Tor service, no authentication required, attacker writes files (integrity) and may exhaust disk (availability), no confidentiality impact.
Estimated by vuln.today — no official severity rating has been published for this CVE yet.
Lifecycle Timeline
1DescriptionCVE.org
[OnionShare Receive mode writes uploaded files even when file uploads are disabled]
AnalysisAI
OnionShare's Receive mode incorrectly writes uploaded files to disk even when the operator has explicitly disabled file uploads, allowing unauthenticated remote attackers over Tor to bypass the access-control setting and deposit files on the host system. This affects deployments where operators have configured the 'disable uploads' option with an expectation that no inbound file writes will occur. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the target to be running OnionShare in Receive mode with the file upload feature explicitly disabled via the application's configuration toggle. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Real-world risk is moderate. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker obtains the .onion address of an OnionShare instance running in Receive mode with file uploads disabled - for example, from a leaked link or public posting. The attacker submits a multipart file upload HTTP request to the .onion endpoint. … |
| Remediation | No vendor-released patch version is confirmed in the available data. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today