CVE-2020-16136
HIGH
tgstation-server 4.4.0-4.4.1 - Authenticated Path Traversal via Log Download Endpoint
Title source: llmDescription
In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server process) via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files, however.
References (2)
Third Party Advisory (x_refsource_misc): https://github.com/tgstation/tgstation-server
Third Party Advisory (x_refsource_misc): https://github.com/tgstation/tgstation-server/security/advisories/GHSA-r8pp-42wr-2gc4
Scores
CVSS v3
7.7
EPSS
0.0206
EPSS Percentile
78.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (2)
tgstation13/tgstation-server
4.4.0
tgstation13/tgstation-server
4.4.1
Published
Jul 31, 2020
Tracked Since
Feb 18, 2026