Platform: go
Component: github.com/siyuan-note/siyuan/kernel
Fixed in: 3.1.17
0.0.1
CVE-2024-55658 describes a Path Traversal vulnerability discovered in the SiYuan Kernel, the core component of the SiYuan note-taking application. This flaw allows attackers to read arbitrary files on the server by manipulating the /api/export/exportResources endpoint. The vulnerability impacts versions of SiYuan Kernel prior to 3.1.16. A fix has been released in version 3.1.16.
The primary impact of this vulnerability is that an attacker can read any file the SiYuan Kernel process itself can open: workspace configuration, the notes database, and, depending on how the kernel is deployed, anything else readable by that account, including source code. Successful exploitation can expose secrets such as API keys, passwords, and user data. The flaw does not by itself give remote code execution, but what it leaks can be used to compromise the host or the surrounding network further. The attack is a crafted request to the /api/export/exportResources endpoint whose path parameter resolves, after joining with the export directory, to a location outside that directory.
CVE-2024-55658 was publicly disclosed on December 12, 2024. There is currently no indication of active exploitation in the wild, nor are there any publicly available proof-of-concept exploits. The vulnerability is not listed on the CISA KEV catalog at the time of this writing. The relatively straightforward nature of path traversal vulnerabilities suggests that a proof-of-concept may be developed in the near future.
Users of SiYuan who are running versions prior to 3.1.16 are at risk. This includes individuals using SiYuan for personal note-taking as well as organizations deploying it for team collaboration or knowledge management. Multi-tenant hosts are particularly exposed: the read scope is that of the kernel process, not of a single workspace, so where several instances run under one OS account, or the kernel runs as root, a traversal from one instance can reach files belonging to other users on the same server.
• linux / server: Monitor access logs for requests to /api/export/exportResources containing path traversal sequences (../, ../../, and their percent-encoded forms such as %2e%2e%2f). Escape the dots so the pattern matches a literal ".." rather than any two characters:
grep -E '/api/export/exportResources.*(\.\./|%2e%2e|%2E%2E)' /var/log/nginx/access.log
A standard nginx access log records only the request line, so if the path parameter is sent in a POST body the traversal sequence will not appear there; request-body logging at the proxy, or the kernel's own logs, are needed to see it.
• generic web: Use curl to test the endpoint with path traversal payloads. The query-parameter form below is illustrative; check the request format your installed kernel's handler actually accepts, and add the Authorization: Token header if the instance has an access authorization code configured.
curl 'http://<siyuan_server>/api/export/exportResources?file=../../../../etc/passwd'
• go: Examine the SiYuan Kernel source for the /api/export/exportResources handler and the file-path handling it calls, checking that every user-supplied path is cleaned and verified to remain under the workspace directory before any file is opened.
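The access-log check above, carried out in Go as an added example that is not the page's or the project's code. The log lines are constructed, and the check percent-decodes the request target (repeatedly, to catch double encoding) before looking for a literal ".." segment, so encoded variants are not missed and names like "a..b" do not trigger it. The POST line in the sample shows the blind spot: a traversal sent in the request body never reaches the access log.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Constructed sample lines in nginx "combined" format (not real traffic):
// one legitimate export, two traversal attempts (plain and percent-encoded),
// one POST whose body the access log cannot show, and one unrelated request.
var sampleLog = []string{
	`10.0.0.5 - - [12/Dec/2024:10:00:01 +0000] "GET /api/export/exportResources?file=notes/a.md HTTP/1.1" 200 512 "-" "curl/8.4"`,
	`10.0.0.9 - - [12/Dec/2024:10:00:02 +0000] "GET /api/export/exportResources?file=../../../../etc/passwd HTTP/1.1" 200 1423 "-" "curl/8.4"`,
	`10.0.0.9 - - [12/Dec/2024:10:00:03 +0000] "GET /api/export/exportResources?file=..%2f..%2f..%2fetc%2fshadow HTTP/1.1" 403 0 "-" "curl/8.4"`,
	`10.0.0.7 - - [12/Dec/2024:10:00:04 +0000] "POST /api/export/exportResources HTTP/1.1" 200 2048 "-" "Mozilla/5.0"`,
	`10.0.0.7 - - [12/Dec/2024:10:00:05 +0000] "GET /api/system/version HTTP/1.1" 200 20 "-" "Mozilla/5.0"`,
}

// requestTarget extracts the request target (path plus query) from the quoted
// request line, e.g. "GET /path?x=y HTTP/1.1" -> "/path?x=y".
func requestTarget(line string) (string, bool) {
	start := strings.Index(line, `"`)
	if start < 0 {
		return "", false
	}
	rest := line[start+1:]
	end := strings.Index(rest, `"`)
	if end < 0 {
		return "", false
	}
	fields := strings.Fields(rest[:end])
	if len(fields) < 2 {
		return "", false
	}
	return fields[1], true
}

// hasTraversal reports whether the target contains a ".." path segment after
// percent-decoding. Decoding is repeated a few times so double-encoded
// payloads (%252e%252e) are caught as well; backslashes count as separators.
func hasTraversal(target string) bool {
	decoded := target
	for i := 0; i < 3; i++ {
		next, err := url.PathUnescape(decoded)
		if err != nil || next == decoded {
			break
		}
		decoded = next
	}
	decoded = strings.ReplaceAll(decoded, `\`, "/")
	isSep := func(r rune) bool { return r == '/' || r == '?' || r == '&' || r == '=' }
	for _, seg := range strings.FieldsFunc(decoded, isSep) {
		if seg == ".." {
			return true
		}
	}
	return false
}

// SuspiciousExportRequests returns the lines that hit the export endpoint with
// a traversal sequence in the request target. Traversal hidden in a POST body
// is invisible here, which is why body logging is needed for full coverage.
func SuspiciousExportRequests(lines []string) []string {
	var hits []string
	for _, line := range lines {
		target, ok := requestTarget(line)
		if !ok || !strings.HasPrefix(target, "/api/export/exportResources") {
			continue
		}
		if hasTraversal(target) {
			hits = append(hits, line)
		}
	}
	return hits
}

func main() {
	for _, hit := range SuspiciousExportRequests(sampleLog) {
		fmt.Println("SUSPICIOUS:", hit)
	}
}
```

Run it against a real log by replacing sampleLog with lines read from the file; the decode-then-check order is what makes it robust against the %2e and %252e variants that a plain grep for "../" misses.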
EPSS: 0.65% (71st percentile)
The primary mitigation for CVE-2024-55658 is to upgrade SiYuan Kernel to version 3.1.16 or later. If upgrading is not immediately feasible, put a WAF or reverse-proxy rule in front of the /api/export/exportResources endpoint that rejects path parameters containing ".." after URL-decoding; inspect the request body as well as the query string, since the parameter may arrive as JSON. Run the kernel under a dedicated, unprivileged account, or in a container where only the workspace directory is mounted, so that a successful traversal reaches nothing beyond the workspace. Review the export code so that every user-supplied path is cleaned and checked to remain under the intended export root before it is opened. After upgrading, confirm the fix by requesting, through a traversal payload, a file that exists outside the workspace (for example the /etc/passwd payload above); the request must be rejected and the file contents must not appear in the response. Requesting a non-existent file proves nothing, because that fails on vulnerable versions too.
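The hardening step above, as an added Go example that is not SiYuan's own code: the unsafe join-and-trust pattern behind a path traversal is shown beside a resolver that cleans the path and rejects anything no longer under the export root. The root directory and file names are assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when a user-supplied path resolves outside the export root.
var ErrOutsideRoot = errors.New("requested path escapes the export root")

// VulnerableResolve shows the unsafe pattern behind a path-traversal bug:
// the user-supplied path is joined to the root and trusted as-is, so
// "../../../../etc/passwd" walks straight out of the workspace.
func VulnerableResolve(root, userPath string) string {
	return filepath.Join(root, userPath)
}

// SafeResolve joins the path to the root, then checks that the cleaned result
// is still inside the root. filepath.Join cleans the path (collapsing ".."),
// and filepath.Rel yields a ".."-prefixed result for anything that escaped.
// In a real export handler, also resolve symlinks (filepath.EvalSymlinks) on
// the final path before opening it, since a link inside the root can point
// outside it.
func SafeResolve(root, userPath string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	target := filepath.Join(absRoot, userPath)
	rel, err := filepath.Rel(absRoot, target)
	if err != nil {
		return "", ErrOutsideRoot
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	return target, nil
}

func main() {
	// Assumed workspace data directory; the real location depends on the deployment.
	root := "/srv/siyuan/workspace/data"
	for _, p := range []string{"assets/image.png", "../../../../etc/passwd", "assets/../../conf/conf.json"} {
		fmt.Printf("%-32s vulnerable -> %s\n", p, VulnerableResolve(root, p))
		if safe, err := SafeResolve(root, p); err != nil {
			fmt.Printf("%-32s safe       -> rejected: %v\n", p, err)
		} else {
			fmt.Printf("%-32s safe       -> %s\n", p, safe)
		}
	}
}
```

The check is on the cleaned, joined result rather than on the raw input, which is what defeats mid-path tricks like "assets/../../conf/conf.json" that a naive prefix test on the user string would let through.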
Update SiYuan to version 3.1.16 or later. This version contains a fix for the arbitrary file read and path traversal vulnerability. Updating prevents attackers from accessing sensitive files on your system.
CVE-2024-55658 is a Path Traversal vulnerability in SiYuan Kernel allowing attackers to read arbitrary files via the /api/export/exportResources endpoint. It's rated HIGH severity.
Yes, if you are using SiYuan Kernel versions prior to 3.1.16, you are affected by this vulnerability and should upgrade immediately.
Upgrade SiYuan Kernel to version 3.1.16 or later. As a temporary workaround, implement a WAF rule to block suspicious path traversal requests.
There is currently no confirmed evidence of active exploitation, but the ease of exploitation suggests it's a potential risk.
Refer to the SiYuan GitHub repository and release notes for the latest security advisories and updates: https://github.com/siyuan-note/siyuan