EXECUTIVE SUMMARY:
CVE-2026-45576 (CVSS 7.5) is a path traversal vulnerability (CWE-22, improper limitation of a pathname to a restricted directory) in zrok, affecting versions 0.4.23 through 1.1.11 and versions prior to 2.0.3. The 'copy' function does not confine attacker-controlled WebDAV paths to the destination root, so an entry name received from the remote share can resolve to a location outside the directory the user selected as the copy target. An attacker who controls the source share (a WebDAV endpoint or a zrok drive) plants entries with crafted path names and then convinces a user to run 'copy' against that share. Each crafted entry is written wherever its path resolves, with the privileges of the user who runs the copy, so the attacker can create or overwrite files anywhere that user can write. The business impact is significant: the attacker gains an arbitrary file write on the victim's system at the victim's privilege level, which can corrupt or overwrite sensitive data and, depending on what is overwritten, lead to further unauthorized access. Exploitation requires the attacker to control a share the victim will copy from and to induce the victim to run the copy, which can be achieved through social engineering.
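The following Go program is an added illustration of the general defect class described above; it is not zrok's code, and the function names unsafeLocalPath and safeLocalPath, the root /tmp/dest and the sample entry names are all hypothetical. It shows the vulnerable pattern (joining a remote-supplied path onto the local root and trusting the result) beside a version that resolves the path and rejects anything that lands outside the root, including the "a/../../b" form that survives a naive check for a leading "../" and the benign "..hidden" directory that a naive check would wrongly reject.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when a remote-supplied path would resolve
// outside the local destination root.
var ErrOutsideRoot = errors.New("remote path escapes destination root")

// unsafeLocalPath is the vulnerable pattern (hypothetical, not zrok's code):
// the remote entry name is joined onto the destination root and used as-is.
// filepath.Join cleans "../" segments, but it resolves them upward past root
// instead of rejecting them, so "../../etc/passwd" lands in /etc.
func unsafeLocalPath(root, remote string) string {
	return filepath.Join(root, filepath.FromSlash(remote))
}

// safeLocalPath resolves the remote path against root and returns it only if
// the result is root itself or something beneath it. The containment check is
// done on the fully resolved path with filepath.Rel, so it is not fooled by
// "a/../../b" and does not reject a directory whose name merely starts with "..".
func safeLocalPath(root, remote string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	// NUL bytes are never legitimate in a WebDAV path and would truncate the
	// name in C string APIs, so reject them before any filesystem call.
	if strings.ContainsRune(remote, 0) {
		return "", ErrOutsideRoot
	}
	// WebDAV paths are slash separated; FromSlash makes them native before
	// Join cleans them, which matters on Windows.
	candidate := filepath.Join(absRoot, filepath.FromSlash(remote))
	rel, err := filepath.Rel(absRoot, candidate)
	if err != nil {
		return "", err
	}
	sep := string(filepath.Separator)
	if rel == ".." || strings.HasPrefix(rel, ".."+sep) {
		return "", ErrOutsideRoot
	}
	return candidate, nil
}

func main() {
	root := "/tmp/dest" // hypothetical destination chosen by the copying user
	// Constructed sample entry names, as an attacker-controlled share might
	// advertise them; the last two are benign and must still be accepted.
	remotes := []string{
		"../../etc/passwd",
		"a/../../b",
		"docs/readme.txt",
		"..hidden/notes.txt",
	}
	for _, r := range remotes {
		safe, err := safeLocalPath(root, r)
		fmt.Printf("%-22q unsafe=%-24s safe=%-30s err=%v\n",
			r, unsafeLocalPath(root, r), safe, err)
	}
}
```

The check confines the name, not the target: if a directory inside the root is already a symlink pointing elsewhere, a write through it still leaves the root. For copies into a directory that an untrusted party may have populated earlier, resolve the parent with filepath.EvalSymlinks before writing, or open files through an os.Root (Go 1.24 and later), which enforces containment at the kernel level.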
RECOMMENDATION:
Upgrade zrok to 2.0.3 or later; if you must stay on the 1.x line, consult the referenced advisory for the patched 1.x release. Until the upgrade is in place, do not run 'copy' against a share you do not control, and run copies into a dedicated, otherwise empty destination directory from an account that cannot write to anything sensitive, since every crafted entry in the share is written with the copying user's privileges.
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-c656-jcx2-7pqj