Copyparty, Missing Authorization, CVE-2025-58753 (High)

Listen to this Post

The vulnerability, assigned CVE-2025-58753, is a missing permission check in the Copyparty file server’s sharing feature (shr global-option) . It specifically affects scenarios where an administrator creates a share for a single file within a folder . Due to this flaw, a user accessing the share via FTP or SFTP (not HTTP/HTTPS) could bypass the intended restriction and gain read-access to other files located in the same directory . This is achieved by simply guessing or brute-forcing the filenames of the sibling files . The issue does not allow access to files in subdirectories and does not affect files protected by filekeys or dirkeys . The vulnerability was originally fixed for HTTP/HTTPS, but the fix was not applied to the FTP/SFTP protocols at that time . A complete patch was ultimately implemented in version 1.19.8 .

dailycve form:

Platform: Copyparty portable server
Version: before 1.19.8
Vulnerability : Missing permission check
Severity: High (7.5)
date: Mar 11 2026

Prediction: Already patched

What Undercode Say:

Analytics:

  • Vulnerability Scope: Only affects single-file shares created with the `shr` option.
  • Affected Protocols: FTP and SFTP; HTTP/HTTPS and FTPS were not vulnerable.
  • Access Limitations: Restricted to sibling files in the same directory; no subdirectory traversal.
  • CWE Mapping: CWE-552 (Files or Directories Accessible to External Parties) and CWE-862 (Missing Authorization).
  • Fix Commit: The patch was implemented in commit `e0a92ba` and released in version v1.19.8.

Exploit:

Example: If a share for "public.doc" exists in a folder, an attacker could try to access other files.
Connect via FTP/SFTP to the share root.
ftp> ls
The server might only show "public.doc", but the vulnerability allows requests for other files.
ftp> get private_financial.pdf
If the file exists in the same directory, the server might erroneously grant access.
Simple brute-force concept using a wordlist and a tool like curl for WebDAV or an FTP client.
This is a conceptual example; actual exploitation requires an FTP/SFTP connection.
for word in $(cat filenames.txt); do
echo "Attempting to download: $word"
Command to download file via FTP/SFTP would go here.
Example: wget --ftp-user=user --ftp-password=pass ftp://server/share/$word
done

Protection from this CVE:

  • Immediate Patching: Upgrade Copyparty to version 1.19.8 or later immediately .
  • Configuration Review: Avoid creating single-file shares in folders containing other sensitive documents.
  • Principle of Least Privilege: Ensure user accounts have the minimum necessary permissions.
  • Monitor Logs: Check for unusual or repeated access attempts (filename enumeration) to shared directories.
  • Use Strong Access Controls: Where possible, utilize filekeys or dirkeys to protect sensitive files, as these mechanisms are unaffected by this vulnerability .

Impact:

  • Confidentiality Breach: An attacker can gain unauthorized read-access to sensitive files stored alongside a legitimately shared file .
  • Data Leakage: Potential exposure of confidential documents, configuration files, or other data through filename enumeration .
  • Limited Scope: The impact is confined to the specific shared folder and does not allow system-wide compromise or modification/deletion of files .
  • Risk Level: Classified as HIGH severity (CVSS 3.1 score 7.5) due to the network attack vector, low complexity, and high confidentiality impact .

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top