qdrant is vulnerable to path traversal due to improper input validation in the `/collections/{name}/snapshots/upload` endpoint
        
Critical severity
GitHub Reviewed
Published by the National Vulnerability Database: May 30, 2024
Published to the GitHub Advisory Database: Jun 2, 2024
Reviewed: Jun 2, 2024

Description
qdrant/qdrant version 1.9.0-dev is vulnerable to path traversal due to improper input validation in the `/collections/{name}/snapshots/upload` endpoint. By manipulating the `name` parameter through URL encoding, an attacker can upload a file to an arbitrary location on the system, such as `/root/poc.txt`. This vulnerability allows for the writing and overwriting of arbitrary files on the server, potentially leading to a full takeover of the system. The issue is fixed in version 1.9.0.
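
A defensive check for the class of bug described above, as an added example (not qdrant's code or its actual fix): it decodes the `name` segment once, then accepts it only if it is a single normal path component before joining it to the storage directory. The function names, the `/qdrant/snapshots` base path and the sample inputs are assumptions constructed for illustration.

```rust
use std::path::{Component, Path, PathBuf};

// Decode %XX escapes once, as the HTTP layer does before the handler sees `name`.
fn percent_decode(input: &str) -> Option<String> {
    let bytes = input.as_bytes();
    let (mut out, mut i) = (Vec::with_capacity(bytes.len()), 0);
    while i < bytes.len() {
        if bytes[i] == b'%' {
            let hex = input.get(i + 1..i + 3)?; // None on a truncated escape
            if !hex.bytes().all(|b| b.is_ascii_hexdigit()) {
                return None;
            }
            out.push(u8::from_str_radix(hex, 16).ok()?);
            i += 3;
        } else {
            out.push(bytes[i]);
            i += 1;
        }
    }
    String::from_utf8(out).ok()
}

// Hypothetical helper: map a collection name to its snapshot directory under `base`.
fn snapshot_dir(base: &Path, raw_name: &str) -> Result<PathBuf, &'static str> {
    let name = percent_decode(raw_name).ok_or("malformed percent-encoding")?;
    // Reject separators outright: Path::join with an absolute path discards `base`.
    if name.is_empty() || name.chars().any(|c| matches!(c, '/' | '\\' | '\0')) {
        return Err("empty name, separator or NUL");
    }
    // What remains must be exactly one normal component (rules out "." and "..").
    let mut parts = Path::new(&name).components();
    match (parts.next(), parts.next()) {
        (Some(Component::Normal(_)), None) => Ok(base.join(&name)),
        _ => Err("not a single normal path component"),
    }
}

fn main() {
    let base = Path::new("/qdrant/snapshots"); // assumed storage root
    // Constructed inputs: one ordinary name, three encoded traversal attempts.
    for raw in ["my_collection", "..%2F..%2Froot", "%2e%2e", "%2Froot"] {
        println!("{raw:>16} -> {:?}", snapshot_dir(base, raw));
    }
}
```

The check runs on the decoded value, so an encoded separator is rejected the same way as a literal one.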