Listen to this Post
How the vulnerability works
The vulnerability exists in Portainer’s backup‑restore functionality.
When a `.tar.gz` archive is uploaded, Portainer calls `ExtractTarGz()` in api/archive/targz.go.
Before the fix, this function constructed the final write path with filepath.Clean(filepath.Join(outputDirPath, header.Name)).
`filepath.Join()` lexically resolves `../` components, and `filepath.Clean()` normalises the result, but neither verifies that the resulting path stays inside outputDirPath.
Therefore, a malicious archive can contain a tar entry such as ../../etc/cron.d/evil.
When that path is cleaned and joined, it points to a location outside the extraction root.
Because the tar extraction does not enforce a “path containment” check, Portainer will write the file to that arbitrary location on the server filesystem.
This allows an attacker to bypass the intended directory restriction and write files anywhere the Portainer process has permission to write (in containerised deployments this is typically root).
The attack is classified as CWE‑22 (Improper Limitation of a Pathname to a Restricted Directory, i.e., “Path Traversal”).
DailyCVE form
Platform: `Portainer`
Version: `< 2.39.0`
Vulnerability: `Path Traversal`
Severity: `Medium`
date: `2026-05-07`
Prediction: `2.39.1 (~1 month)`
What Undercode Say:
Search for vulnerable function calls in the codebase grep -r "filepath.Clean(filepath.Join" ./api/archive/ Reproduce the path traversal locally mkdir -p test_restore echo "malicious" > payload.txt tar -czf evil.tar.gz -C /tmp ../../etc/cron.d/evil (illustrative) Upload evil.tar.gz to /api/restore and observe file written outside test_restore/
Exploit:
Crafted `.tar.gz` with entries like `../../etc/cron.d/backdoor` → extracted outside intended directory → arbitrary file write (e.g., cron job, SSH authorized_keys).
Protection:
Upgrade to Portainer ≥2.39.0 or apply backport ≥2.33.8.
Use encrypted backups (passphrase required before extraction).
Validate all paths against a whitelist after cleaning.
Impact:
Arbitrary file write → host persistence (cron, SSH keys) or config tampering. Limited by need for admin privileges.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

