Listen to this Post
The vulnerability resides in the TinaCMS CLI development server (tinacms dev), which by default listens on port 4001 and exposes media endpoints such as /media/list/, /media/upload/, and /media/. These endpoints process user-supplied path segments by first decoding them with decodeURI() and then joining them with the configured media directory using path.join(). No validation is performed to ensure that the final resolved path stays within the intended media folder. An attacker can supply directory traversal sequences (e.g., ../../../etc/passwd) in the URL. Because decodeURI() converts percent-encoded characters (like %2e%2e%2f) to their literal form, the path.join() operation resolves the traversal, allowing access to arbitrary files on the filesystem. The vulnerable code in the file upload handler directly pipes an uploaded file to a write stream created from the unsanitized path, enabling arbitrary file writes. Similarly, the list and delete endpoints suffer from the same flaw, permitting unauthorized file reads and deletions. This can lead to full system compromise in development environments, especially when the server is exposed via cloud IDEs, port forwarding, or misconfigurations. The permissive CORS policy further widens the attack surface, but exploitation does not rely on it. The issue is fixed in TinaCMS version 1.6.2 by adding proper path resolution and validation to ensure all operations remain within the media root.
Platform: TinaCMS CLI
Version: before 1.6.2
Vulnerability: Path Traversal
Severity: Critical
date: 2024-05-24
Prediction: Patched 2024-05-24
What Undercode Say:
Analytics:
- Attackers can read sensitive files like /etc/passwd, .env, SSH keys.
- Arbitrary file write leads to RCE by overwriting scripts or configs.
- Over 5,000 public GitHub projects may use vulnerable TinaCMS versions.
- Exploitation trivial: single curl command with traversal sequences.
Bash commands (PoC):
Arbitrary File Read
curl “http://localhost:4001/media/list/../../../etc/passwd”
Arbitrary File Write
echo “malicious content” > /tmp/payload.txt
curl –path-as-is -X POST “http://localhost:4001/media/upload/../../../../../../tmp/pwned.txt” -F “file=@/tmp/payload.txt”
Arbitrary File Delete
echo “delete me” > /tmp/delete-test.txt
curl –path-as-is -X DELETE “http://localhost:4001/media/../../../../../../tmp/delete-test.txt”
Exploit:
The exploit leverages path traversal via URL manipulation. The server decodes percent-encoded characters, so an attacker can use %2e%2e%2f to represent “../”. Combined with path.join(), the resolved path escapes the media directory. For write operations, a multipart file upload is sent to the /media/upload/ endpoint with a traversal payload. The server then writes the file to the attacker-controlled location. For read, the /media/list/ endpoint returns directory listings; appending traversal grants access to any file. Delete operations use the DELETE method on /media/ with traversal.
Protection from this CVE:
- Upgrade to TinaCMS 1.6.2 or later.
- If upgrade not possible, restrict access to the dev server (bind only to 127.0.0.1, use firewall rules).
- Avoid exposing port 4001 to untrusted networks.
- Implement input validation: reject any path containing “..” or absolute paths.
- Use a middleware to verify that resolved paths stay within the media root.
Impact:
Successful exploitation allows an attacker to read any file the server process can access (including configuration files, source code, credentials), write arbitrary files (leading to remote code execution by overwriting executable files or startup scripts), and delete critical files (causing denial of service or data loss). In typical development setups, this can compromise the entire host or container, potentially leading to lateral movement. The vulnerability is especially dangerous in cloud IDE environments where the dev server may be inadvertently exposed to the internet.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

