CVE-2021-29246
Severity: MEDIUM
BTCPay Server < 1.0.7.0 - Authenticated Path Traversal and Remote Code Execution via Plugin Upload
Title source: llmDescription
BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. The attacker must craft a malicious plugin file with special characters to upload the file outside of the restricted directory.
References (2)
Core References
Release Notes, Third Party Advisory (x_refsource_misc): https://github.com/btcpayserver/btcpayserver/releases
Vendor Advisory (x_refsource_misc): https://blog.btcpayserver.org/vulnerability-disclosure-v1-0-7-0/
Scores
CVSS v3
6.7
EPSS
0.0155
EPSS Percentile
71.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-22
Status
published
Products (1)
btcpayserver/btcpay_server
< 1.0.7.0
Published
May 05, 2021
Tracked Since
Feb 18, 2026