PT-2021-22372 · Octorpki · Octorpki

Published: 2021-11-10 · Updated: 2024-08-21

CVE-2021-3907

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions OctoRPKI (affected versions not specified)
Description OctoRPKI writes the objects it fetches from an RPKI repository into a local cache directory, deriving each file's on-disk path from the object's rsync URI. The ExtractPathManifest function does not reject relative directory components ("..") in that URI, so a malicious or compromised repository can name an object such that it is written outside the base cache folder. Because the repository controls both where the file is written and what it contains, this can lead to remote code execution on the host running OctoRPKI, for instance by dropping a script into a directory whose contents cron executes. As an example, a repository could publish a file under the URI rsync://example.org/repo/../../etc/cron.daily/evil.roa; the number of ".." segments needed to reach a given target depends only on the depth of the cache directory, which the attacker can simply overshoot.
Recommendations This page lists no fixed version. Check the related advisories below (the Debian DSA entries, the GitHub advisories and the Go vulnerability reports) for the patched release. Until OctoRPKI is upgraded, run it under an unprivileged account whose write access is limited to its own cache directory, so that a traversed path cannot land in a location that is executed or trusted by other software on the host.
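The following Go program is an added illustration written for this page; it is not OctoRPKI's code and does not reproduce ExtractPathManifest. It contrasts a naive URI-to-cache-path mapping, which splices the URI host and path under the cache base exactly as the description above outlines, with a hardened mapping that rejects any "." or ".." segment (including percent-encoded ones, since url.Parse decodes the path) and then verifies with filepath.Rel that the cleaned result still lies under the base. The cache base /var/cache/rpki and the sample URIs are assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path/filepath"
	"strings"
)

// ErrTraversal is returned when a repository-supplied URI would map to a
// file outside the cache base directory.
var ErrTraversal = errors.New("uri path escapes cache base directory")

// unsafeCachePath reproduces the pattern the advisory describes (an
// illustration, not OctoRPKI's code): the URI host and path are spliced
// under base verbatim, so ".." segments chosen by the repository reach the
// filesystem unchanged when the object is written.
func unsafeCachePath(base, rawURI string) (string, error) {
	u, err := url.Parse(rawURI)
	if err != nil {
		return "", err
	}
	return base + "/" + u.Host + u.Path, nil
}

// safeCachePath maps a URI to a cache path and refuses anything that does
// not stay inside base. Two independent checks are applied:
//  1. any "." or ".." segment in host or path is rejected outright; url.Parse
//     has already percent-decoded the path, so "%2e%2e" is caught as well;
//  2. the cleaned candidate must still resolve to a location under base.
func safeCachePath(base, rawURI string) (string, error) {
	u, err := url.Parse(rawURI)
	if err != nil {
		return "", err
	}
	if u.Host == "" || u.Path == "" {
		return "", errors.New("uri must have a host and a path")
	}
	for _, seg := range strings.Split(u.Host+"/"+u.Path, "/") {
		if seg == "." || seg == ".." {
			return "", ErrTraversal
		}
	}
	candidate := filepath.Join(base, u.Host, filepath.FromSlash(u.Path))
	if !insideBase(base, candidate) {
		return "", ErrTraversal
	}
	return candidate, nil
}

// insideBase reports whether candidate, after lexical cleaning, lies within
// base. Symlinks already present inside the cache are out of scope for this
// purely lexical check.
func insideBase(base, candidate string) bool {
	rel, err := filepath.Rel(filepath.Clean(base), filepath.Clean(candidate))
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

func main() {
	base := "/var/cache/rpki" // assumed cache location, not OctoRPKI's default
	uris := []string{         // constructed sample URIs
		"rsync://example.org/repo/manifest.mft",
		"rsync://example.org/repo/../../etc/cron.daily/evil.roa",
		"rsync://example.org/repo/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/cron.daily/evil.roa",
	}
	for _, raw := range uris {
		naive, _ := unsafeCachePath(base, raw)
		fmt.Printf("%s\n  naive -> %s (inside base: %v)\n", raw, naive, insideBase(base, naive))
		if p, err := safeCachePath(base, raw); err != nil {
			fmt.Printf("  safe  -> rejected: %v\n", err)
		} else {
			fmt.Printf("  safe  -> %s\n", p)
		}
	}
}
```

With the assumed base, the page's two-segment URI only climbs as far as /var/cache/rpki/etc/cron.daily, which is why the hardened mapper rejects any ".." segment at all instead of counting how many would be needed: the attacker picks the count, and the percent-encoded third URI shows a variant that reaches /etc/cron.daily and would slip past a check that only looked at the raw, undecoded string.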

RCE

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2021-3907
DSA-5033-1
DSA-5041-1
GHSA-3JHM-87M6-X959
GHSA-8459-6RC9-8VF8
GHSA-CQH2-VC2F-Q4FH
GO-2022-0248
GO-2022-0496

Affected Products

Octorpki