Openlist
Monthly
OpenList versions prior to 4.1.10 disable TLS certificate verification by default in storage driver communications, enabling man-in-the-middle attacks where network-positioned attackers can intercept, decrypt, and manipulate all data exchanges with storage backends. This misconfiguration affects any deployment relying on OpenList Frontend's default settings and can be exploited via ARP spoofing, rogue access points, or compromised network infrastructure to redirect traffic to attacker-controlled servers. A patch is available in version 4.1.10 and later.
OpenList Frontend versions prior to 4.1.10 contain a path traversal vulnerability in file operation handlers that allows authenticated users to bypass directory restrictions and access other users' files on the same storage mount. An attacker can exploit this by injecting ".." sequences into filename parameters to perform unauthorized file operations including deletion, renaming, and copying across user boundaries. Public exploit code exists for this vulnerability, which is resolved in version 4.1.10.
OpenList versions prior to 4.1.10 disable TLS certificate verification by default in storage driver communications, enabling man-in-the-middle attacks where network-positioned attackers can intercept, decrypt, and manipulate all data exchanges with storage backends. This misconfiguration affects any deployment relying on OpenList Frontend's default settings and can be exploited via ARP spoofing, rogue access points, or compromised network infrastructure to redirect traffic to attacker-controlled servers. A patch is available in version 4.1.10 and later.
OpenList Frontend versions prior to 4.1.10 contain a path traversal vulnerability in file operation handlers that allows authenticated users to bypass directory restrictions and access other users' files on the same storage mount. An attacker can exploit this by injecting ".." sequences into filename parameters to perform unauthorized file operations including deletion, renaming, and copying across user boundaries. Public exploit code exists for this vulnerability, which is resolved in version 4.1.10.