Cuckoo Sandbox arbitrary file upload vulnerability [PATCH IMMEDIATELY]

The security researcher Robert Michel, who currently works at G-Data, has found a vulnerability in the Cuckoo Sandbox project.

The vulnerability would allow the guest machine (the VM in which the sample is being analysed) to upload a file to a path of its choosing on the Cuckoo host, which could be used to infect specific environments and networks.

Cuckoo Sandbox published a report which provides insight into the file upload vulnerability.

HOW TO FIX

Open the lib/cuckoo/core/resultserver.py file and locate the code shown in the screenshot below.

Replace the highlighted (yellow) part

[Screenshot: cuckoo sandbox vulnerability]

with

# Reject paths that climb out of the storage directory or are absolute.
if "../" in buf or buf.startswith("/"):
    raise CuckooOperationalError("FileUpload failure, banned path.")
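To see what the patched check accepts and rejects, here is an added example (not Cuckoo's own code) that wraps the check from the fix in a function and pairs it with a canonical-path containment check as defence in depth; the storage root and the file names used are constructed for the demonstration.

```python
import os

# Added example, not code from the Cuckoo project. `storage_root` stands in
# for the per-analysis results directory the resultserver writes guest
# uploads into; `buf` is the relative path the guest sends with the upload.


def patch_check(buf):
    """The check introduced by the fix: reject '../' and absolute paths."""
    return not ("../" in buf or buf.startswith("/"))


def canonical_check(storage_root, buf):
    """Defence in depth: the resolved target must stay inside storage_root."""
    root = os.path.realpath(storage_root)
    target = os.path.realpath(os.path.join(root, buf))
    try:
        # Reject the root itself (a directory) and anything outside it.
        return target != root and os.path.commonpath([root, target]) == root
    except ValueError:
        # commonpath raises on mixed absolute/relative input; treat as unsafe.
        return False


def is_safe_upload_path(storage_root, buf):
    """Accept the guest-supplied path only if both checks pass."""
    if not buf or "\0" in buf:
        return False
    return patch_check(buf) and canonical_check(storage_root, buf)


if __name__ == "__main__":
    # Constructed storage root and sample upload paths.
    root = "/tmp/cuckoo-storage/analyses/1"
    for candidate in ("files/sample.exe", "shots/0001.jpg",
                      "../../outside.txt", "/absolute/path.txt"):
        verdict = "accept" if is_safe_upload_path(root, candidate) else "reject"
        print(f"{verdict}: {candidate!r}")
```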

Alternatively, download the latest version of the Cuckoo Sandbox project.
