cve/2023/CVE-2023-49793.md
2024-08-06 19:19:10 +00:00

### [CVE-2023-49793](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49793)
![](https://img.shields.io/static/v1?label=Product&message=codechecker&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%206.23.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%3A%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
### Description
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of `CodeChecker store` are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of `CodeChecker server`. The vulnerable endpoint is `/Default/v6.53/CodeCheckerService@massStoreRun`. The path traversal vulnerability allows reading data on the machine of the `CodeChecker server`, with the same permission level as the `CodeChecker server`. The attack requires a user account on the `CodeChecker server`, with permission to store to a server, and view the stored report. This vulnerability has been patched in version 6.23.
### POC
#### Reference
- https://github.com/Ericsson/codechecker/security/advisories/GHSA-h26w-r4m5-8rrf
#### GitHub
No PoCs found on GitHub currently.