CVE-2026-33645

{"id": "CVE-2026-33645", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.2, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2026-03-26T21:17:07.940", "references": [{"url": "https://github.com/ShaneIsrael/fireshare/releases/tag/v1.5.2", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-7q8r-vpq3-89m7", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-7q8r-vpq3-89m7", "tags": ["Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-73"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Fireshare facilitates self-hosted media and link sharing. In version 1.5.1, an authenticated path traversal vulnerability in Fireshare\u2019s chunked upload endpoint allows an attacker to write arbitrary files outside the intended upload directory. The `checkSum` multipart field is used directly in filesystem path construction without sanitization or containment checks. This enables unauthorized file writes to attacker-chosen paths writable by the Fireshare process (e.g., container `/tmp`), violating integrity and potentially enabling follow-on attacks depending on deployment. Version 1.5.2 fixes the issue."}, {"lang": "es", "value": "Fireshare facilita el intercambio de medios y enlaces autoalojados. En la versi\u00f3n 1.5.1, una vulnerabilidad de salto de ruta autenticado en el endpoint de carga por fragmentos de Fireshare permite a un atacante escribir archivos arbitrarios fuera del directorio de carga previsto. El campo multipart 'checkSum' se utiliza directamente en la construcci\u00f3n de rutas del sistema de archivos sin saneamiento ni comprobaciones de contenci\u00f3n. Esto permite escrituras de archivos no autorizadas en rutas elegidas por el atacante que son escribibles por el proceso de Fireshare (por ejemplo, el contenedor '/tmp'), violando la integridad y potencialmente habilitando ataques posteriores dependiendo del despliegue. La versi\u00f3n 1.5.2 corrige el problema."}], "lastModified": "2026-03-30T18:12:01.663", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:shaneisrael:fireshare:1.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30F3F40C-460E-4042-8663-36E9994D325C"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}