pyload-ng@0.5.0b3.dev82 vulnerabilities

The free and open-source Download Manager written in pure Python

Direct Vulnerabilities

Known vulnerabilities in the pyload-ng package. This does not include vulnerabilities belonging to this package’s dependencies.

Each entry lists the vulnerability, its severity badge, and the vulnerable version range.

  • C: Command Injection

pyload-ng is the free and open-source Download Manager written in pure Python.

Affected versions of this package are vulnerable to Command Injection via the flashgot API and the download process. An attacker can execute arbitrary code by manipulating the download path to target the scripts directory and spoofing HTTP headers to bypass security checks. This is only exploitable if the server settings allow changing the download folder to a scripts directory and the permissions for downloaded files are improperly set.

How to fix Command Injection?

Upgrade pyload-ng to version 0.5.0b3.dev87 or higher.

Vulnerable versions: [,0.5.0b3.dev87)

  • C: Improper Control of Generation of Code ('Code Injection')

pyload-ng is the free and open-source Download Manager written in pure Python.

Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') through the /flash/addcrypted2 API endpoint that uses js2py, which is vulnerable to Code Injection. An attacker can execute arbitrary shell commands by sending a specially crafted request that bypasses the localhost-only restriction using a modified HTTP header.

Note:

Any pyload-ng instance running under Python 3.11 or below is vulnerable.

pyload-ng does not use js2py on Python 3.12 or above.

How to fix Improper Control of Generation of Code ('Code Injection')?

Upgrade pyload-ng to version 0.5.0b3.dev87 or higher.

Vulnerable versions: [,0.5.0b3.dev87)

  • C: Unrestricted Upload of File with Dangerous Type

pyload-ng is the free and open-source Download Manager written in pure Python.

Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type due to the ability to change the download folder and upload a crafted template. An attacker can execute arbitrary code on the server by uploading a malicious template file to a specified folder and then navigating to a URL that renders the uploaded template.

How to fix Unrestricted Upload of File with Dangerous Type?

Upgrade pyload-ng to version 0.5.0b3.dev85 or higher.

Vulnerable versions: [,0.5.0b3.dev85)