BIT-nats-2022-26652
Arbitrary File Write (directory traversal) vulnerability in nats-server v2 (Go)

Class: Arbitrary File Write (directory traversal). Public exploit: none known.

What is BIT-nats-2022-26652 About?

CVE-2022-26652, tracked here as BIT-nats-2022-26652, is a directory traversal flaw in nats-server. A file path supplied through a management operation was not confined to the server's storage directory, so an authenticated account with access to that operation could create or overwrite files anywhere the nats-server process user can write. The result is data manipulation or compromise of the host running the server, and exploitation requires little skill once the attacker holds an account with the necessary permissions.

Affected Software

  • github.com/nats-io/nats-server/v2
    • >=2.2.0, <2.7.4 (2.2.0 through 2.7.3)
  • github.com/nats-io/nats-streaming-server
    • >0.15.0, <0.24.3

Technical Details

The flaw sits in the JetStream implementation of github.com/nats-io/nats-server. The JetStream stream restore API (`$JS.API.STREAM.RESTORE.<stream>`) accepts a caller-supplied snapshot archive and unpacks it into the server's JetStream storage directory. Affected releases joined the file names found in that archive onto the storage path without verifying that the result stayed inside it, so an entry name containing `..` segments resolved to a location outside the stream's directory and the server wrote the attacker-controlled content there. The operation is not reachable anonymously: JetStream must be enabled and the caller needs an authenticated account whose permissions allow publishing to the JetStream API, which is why the NVD description characterises the issue as an unintended path to a management action from a management account. Writes happen with the privileges of the nats-server process, so the attacker can corrupt the server's own data and configuration or plant files in other locations that user can reach, giving denial of service, privilege escalation or code execution depending on the deployment. Fixed releases reject entry names that would leave the storage directory.
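
The following Go program is an added illustration of the bug class described above and of the containment check that closes it; it is not nats-server code, and the function names, the storage directory and the archive entries are constructed for the example. `naiveTarget` is the unsafe pattern (untrusted archive entry name joined straight onto the store directory); `safeTarget` resolves the name and refuses anything that does not stay inside the store, and `restoreArchive` applies that check while unpacking an in-memory tar, aborting at the first escaping entry.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ErrTraversal marks an archive entry whose resolved path leaves the store directory.
var ErrTraversal = errors.New("archive entry escapes the storage directory")

type entry struct{ Name, Body string } // constructed (name, content) pair of a snapshot archive

// naiveTarget is the pattern the advisory describes: the untrusted entry name is joined
// onto the store directory with no containment check, so "../x" resolves outside it.
func naiveTarget(storeDir, name string) string {
	return filepath.Join(storeDir, name)
}

// safeTarget resolves name under storeDir and rejects absolute names and any result
// that does not stay inside storeDir once ".." segments have been resolved.
func safeTarget(storeDir, name string) (string, error) {
	if name == "" || filepath.IsAbs(name) || filepath.VolumeName(name) != "" {
		return "", ErrTraversal
	}
	target := filepath.Join(storeDir, name) // Join cleans "a/../../x" before the check
	rel, err := filepath.Rel(storeDir, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrTraversal
	}
	return target, nil
}

// restoreArchive unpacks an untrusted tar into storeDir, creating only regular files at
// paths safeTarget accepts; a traversal attempt aborts the restore at that entry.
func restoreArchive(storeDir string, archive []byte) ([]string, error) {
	var written []string
	tr := tar.NewReader(bytes.NewReader(archive))
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return written, nil
		} else if err != nil {
			return written, err
		}
		target, err := safeTarget(storeDir, hdr.Name)
		if err != nil {
			return written, fmt.Errorf("entry %q: %w", hdr.Name, err)
		}
		// Links and devices are refused: a symlink out of the store is a second escape route.
		if hdr.Typeflag != tar.TypeReg {
			return written, fmt.Errorf("entry %q: unsupported type %q", hdr.Name, hdr.Typeflag)
		}
		if err := os.MkdirAll(filepath.Dir(target), 0o750); err != nil {
			return written, err
		}
		data, err := io.ReadAll(tr) // a real server would cap this read
		if err != nil {
			return written, err
		}
		if err := os.WriteFile(target, data, 0o640); err != nil {
			return written, err
		}
		written = append(written, target)
	}
}

// buildArchive produces an in-memory tar from constructed entries; it stands in for the
// snapshot a caller would submit to the restore endpoint.
func buildArchive(entries []entry) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, e := range entries {
		hdr := &tar.Header{Name: e.Name, Mode: 0o640, Size: int64(len(e.Body)), Typeflag: tar.TypeReg}
		if err := tw.WriteHeader(hdr); err != nil {
			panic(err)
		}
		tw.Write([]byte(e.Body)) // cannot fail: the body matches Size and the sink is a buffer
	}
	if err := tw.Close(); err != nil {
		panic(err)
	}
	return buf.Bytes()
}

func main() {
	store, err := os.MkdirTemp("", "js-store-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(store)
	archive := buildArchive([]entry{{"streams/orders/1.blk", "legitimate block data"}, {"../../escape.txt", "escapes with the naive join"}})
	fmt.Println("naive join resolves to:", naiveTarget(store, "../../escape.txt"))
	written, err := restoreArchive(store, archive)
	fmt.Println("written:", written, "error:", err)
}
```

The check works on the cleaned path rather than on the raw name, which is what defeats variants such as `a/../../x` that contain no leading `..`. On Go 1.20 and later, `filepath.IsLocal(name)` performs the same containment test in one call and is the preferred form; the `filepath.Rel` version shown here has the same effect on older toolchains.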

What is the Impact of BIT-nats-2022-26652?

A successful attacker writes files of their choosing as the nats-server process user, outside the JetStream storage directory. Depending on what that user may write, this can corrupt or replace the server's own data and configuration (denial of service, data manipulation), plant files that the server or another service on the host later executes (code execution), or otherwise compromise the integrity and availability of the system.

What is the Exploitability of BIT-nats-2022-26652?

Exploitation is low-complexity once the prerequisites are met: network access to a nats-server with JetStream enabled, and credentials for an account whose permissions allow calling the JetStream stream restore API. Anonymous clients, and accounts whose permissions exclude the `$JS.API.>` subjects, cannot reach the vulnerable code. Deployments that accept client connections without authentication or grant broad publish permissions are the most exposed, since there the only remaining prerequisite is network reachability. No public proof of concept is recorded for this issue.

What are the Known Public Exploits?

No public exploits or proof-of-concept code (PoC, author, link, commentary) are recorded for this vulnerability.

What are the Available Fixes for BIT-nats-2022-26652?

Available Upgrade Options

  • github.com/nats-io/nats-streaming-server
    • >0.15.0, <0.24.3 → Upgrade to 0.24.3 or later
  • github.com/nats-io/nats-server/v2
    • >=2.2.0, <2.7.4 → Upgrade to 2.7.4 or later

Where an immediate upgrade is not possible, denying the affected accounts publish permission on `$JS.API.STREAM.RESTORE.>` removes the reachable path to the vulnerable code until the upgrade lands.


Additional Resources

What are Similar Vulnerabilities to BIT-nats-2022-26652?

Similar Vulnerabilities: CVE-2021-44228, CVE-2023-28432, CVE-2023-38831, CVE-2022-21974, CVE-2021-42342