PSA: 海报功能存在目录穿越漏洞

[imlonghao]

确认

• 我的版本是最新版本，我的版本号与 version 相同。
• 我已经查阅了已知问题，并确认我的问题不在其中。
• 我已经 issue 中搜索过，确认我的问题没有被提出过。
• 我已经修改标题，将标题中的 描述 替换为我遇到的问题。

当前程序版本

3.1.18

问题类型

程序运行问题

问题描述

漏洞说明

/backend/src/main.py 中的 posters 方法存在目录穿越漏洞，攻击者可以通过此漏洞任意读取系统内的文件

Auto_Bangumi/backend/src/main.py

Lines 41 to 43 in 81b3a4a

	@app.get("/posters/{path:path}", tags=["posters"])
	def posters(path: str):
	return FileResponse(f"data/posters/{path}")

漏洞等级

CVSS v4.0 Score: 8.7 / High

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

影响范围

3.1.6-fix - 3.1.18

修复方式

1. 不将 Auto_Bangumi 开放到公网
2. 修改代码，将

@app.get("/posters/{path:path}", tags=["posters"])
def posters(path: str):
    return FileResponse(f"data/posters/{path}")

修改为

app.mount("/posters", StaticFiles(directory="data/posters"), name="posters")

时间线

• 2024-10-23 发现问题，请求打开 GitHub 的 Private vulnerability reporting 功能以便沟通漏洞，[Discussion] 安全反馈处理政策？ #879
• 2024-10-24 开发者口头回应好的，但未有实际动作
• 2025-01-26 通过电子邮件将该漏洞细节告知开发者，但未有回应
• 2025-03-31 通过电子邮件再次联系开发者，但未有回应
• 2025-06-01 漏洞公开

发生问题时系统日志

---

Vulnerability Description

The posters method in /backend/src/main.py contains a directory traversal vulnerability, which allows attackers to read arbitrary files from the system.

Link to vulnerable code:

Auto_Bangumi/backend/src/main.py

Lines 41 to 43 in 81b3a4a

	@app.get("/posters/{path:path}", tags=["posters"])
	def posters(path: str):
	return FileResponse(f"data/posters/{path}")

Vulnerability Severity

CVSS v4.0 Score: 8.7 / High

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Versions

3.1.6-fix - 3.1.18

Mitigation

1. Do not expose Auto_Bangumi to the public network.
2. Modify the code by replace the following vulnerable code:

@app.get("/posters/{path:path}", tags=["posters"])
def posters(path: str):
    return FileResponse(f"data/posters/{path}")

With this secure alternative:

app.mount("/posters", StaticFiles(directory="data/posters"), name="posters")

Timeline

• 2024-10-23: Vulnerability discovered, requested to use GitHub's Private Vulnerability Reporting feature for communication, [Discussion] 安全反馈处理政策？ #879
• 2024-10-24: Developer acknowledged verbally but took no action
• 2025-01-26: Vulnerability details were sent to the developer via email, no response received
• 2025-03-31: Developer contacted again via email, no response received
• 2025-06-01: Vulnerability publicly disclosed

[shinonomeow]

这样呀, 不过ek也不在更新, 我会看看怎么改

[Sora233]

有poc么，我试了下没办法穿越上级目录

$ curl -v  http://localhost:10087/posters/../log.txt
* Host localhost:10087 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
*   Trying [::1]:10087...
*   Trying 127.0.0.1:10087...
* Connected to localhost (127.0.0.1) port 10087
* using HTTP/1.x
> GET /log.txt HTTP/1.1
> Host: localhost:10087
> User-Agent: curl/8.10.1
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 200 OK
< date: Tue, 03 Jun 2025 03:23:16 GMT
< server: uvicorn
< content-length: 740
< content-type: text/html; charset=utf-8
<
<!DOCTYPE html>
<html lang="zh">
  <head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <meta name="robots" content="noindex, nofollow" />
    <meta name="theme-color" content="#ffffff" />
    <link rel="icon" href="./images/logo.svg" />
    <link rel="apple-touch-icon" href="/images/apple-touch-icon.png" />
    <meta name="description" content="Automated Bangumi Download Tool" />
    <title>AutoBangumi</title>
    <script type="module" crossorigin src="./assets/index-7275bf9d.js"></script>
    <link rel="stylesheet" href="./assets/style-451f58e3.css">
  <link rel="manifest" href="./manifest.webmanifest"></head>
  <body>
    <div id="app"></div>

  </body>
* Connection #0 to host localhost left intact
</html>

[imlonghao]

Track as CVE-2025-55865