Echo
Monthly
Path-based access control bypass in the LabStack Echo Go web framework (versions prior to 4.15.3 and 5.2.0) lets remote attackers retrieve protected static files without authorization. The flaw stems from the router matching routes on the raw encoded path (keeping %2F literal) while StaticDirectoryHandler decodes %2F to '/' before filesystem resolution, so a crafted URL slips past route-level guards. There is no public exploit identified at time of analysis and no CISA KEV listing; CVSS is 7.5 (confidentiality-only).
Unauthenticated remote file read in Echo web framework versions 5.0.0-5.0.2 on Windows allows attackers to traverse outside the static root directory and access arbitrary files via backslash path sequences in requests. The vulnerability stems from improper path normalization where path.Clean() does not treat backslashes as separators, but the underlying os.Open() call on Windows does, enabling directory traversal. Public exploit code exists for this medium-severity vulnerability, though a patch is available in version 5.0.3.
An issue was discovered in Veal98 Echo Open-Source Community System 2.2 thru 2.3 allowing an unauthenticated attacker to cause the server to send email verification messages to arbitrary users via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Path-based access control bypass in the LabStack Echo Go web framework (versions prior to 4.15.3 and 5.2.0) lets remote attackers retrieve protected static files without authorization. The flaw stems from the router matching routes on the raw encoded path (keeping %2F literal) while StaticDirectoryHandler decodes %2F to '/' before filesystem resolution, so a crafted URL slips past route-level guards. There is no public exploit identified at time of analysis and no CISA KEV listing; CVSS is 7.5 (confidentiality-only).
Unauthenticated remote file read in Echo web framework versions 5.0.0-5.0.2 on Windows allows attackers to traverse outside the static root directory and access arbitrary files via backslash path sequences in requests. The vulnerability stems from improper path normalization where path.Clean() does not treat backslashes as separators, but the underlying os.Open() call on Windows does, enabling directory traversal. Public exploit code exists for this medium-severity vulnerability, though a patch is available in version 5.0.3.
An issue was discovered in Veal98 Echo Open-Source Community System 2.2 thru 2.3 allowing an unauthenticated attacker to cause the server to send email verification messages to arbitrary users via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.