Apache Solr For Windows instances Vulnerability Allows Arbitrary Path Write-Access
A critical security vulnerability (CVE-2024-52012) affecting Apache Solr instances on Windows has been identified, allowing attackers to gain arbitrary file path write access using the “configset upload” API.
The flaw, categorized as a relative path traversal vulnerability, poses a moderate security risk and affects Apache Solr versions from 6.6 through 9.7.0.
Vulnerability Details
This recently disclosed issue is a “Zip Slip” vulnerability in the “configset upload” API of Solr when running on Windows.
The vulnerability stems from insufficient input validation and sanitization in the handling of ZIP archives. Malicious actors can manipulate ZIP files with specially crafted relative file paths, enabling data to be written to unintended locations on the system’s file structure.
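The entry-name validation that Zip Slip bypasses, as an added example (not code from the article or from Apache Solr): it audits a constructed archive under Windows path rules using Python's `ntpath`, next to a hypothetical slash-only check that misses backslash and drive-letter forms. `DEST_ROOT`, the function names and the sample entry names are assumptions made for the illustration.

```python
import io
import ntpath  # Windows path rules, usable on any host OS
import zipfile

# Assumed extraction root for the illustration; not a path taken from Solr.
DEST_ROOT = r"C:\solr\configsets\demo"

def slash_only_check(name):
    """Hypothetical weak check: only '/' is treated as a separator."""
    return ".." not in name.split("/")

def windows_safe(name, dest_root=DEST_ROOT):
    """True if the entry resolves inside dest_root under Windows path semantics."""
    drive, _ = ntpath.splitdrive(name)
    if drive or name.startswith(("/", "\\")):
        return False  # drive letter, UNC prefix, or rooted path
    root = ntpath.normcase(ntpath.normpath(dest_root))
    target = ntpath.normcase(ntpath.normpath(ntpath.join(root, name)))
    return target.startswith(root + "\\")

def audit(zip_bytes):
    """Map each raw entry name to (slash_only_check, windows_safe)."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {i.orig_filename: (slash_only_check(i.orig_filename),
                                  windows_safe(i.orig_filename))
                for i in zf.infolist()}

def sample_archive():
    """Constructed test archive; entry names are illustrative only."""
    names = ["conf/solrconfig.xml", "conf\\schema.xml", "..\\..\\outside.txt",
             "conf/../../outside.txt", "C:\\Temp\\outside.txt", "\\rooted.txt"]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(zipfile.ZipInfo(n), b"constructed sample")
    return buf.getvalue()

if __name__ == "__main__":
    for name, (weak, strict) in audit(sample_archive()).items():
        print(f"{name!r:32} slash-only={'pass' if weak else 'reject'} "
              f"windows-aware={'pass' if strict else 'reject'}")
```

Running the same audit over uploaded configset archives before extraction, or over archives retained from past uploads, flags entries that would resolve outside the intended directory on a Windows host.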
Attackers leveraging this flaw may gain unauthorized write access to arbitrary file paths, potentially ...
Copyright of this story solely belongs to gbhackers.