{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34745", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T19:17:10.224Z", "datePublished": "2026-04-02T18:38:17.626Z", "dateUpdated": "2026-04-02T19:15:43.377Z"}, "containers": {"cna": {"title": "Unauthenticated Path Traversal Arbitrary File Write in /api/uploadChunked/public", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-fvvp-rj8g-c7gc", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-fvvp-rj8g-c7gc"}, {"name": "https://github.com/ShaneIsrael/fireshare/pull/520", "tags": ["x_refsource_MISC"], "url": "https://github.com/ShaneIsrael/fireshare/pull/520"}, {"name": "https://github.com/ShaneIsrael/fireshare/commit/b76915607924756e6fa1a5f6c8823c38d611fb24", "tags": ["x_refsource_MISC"], "url": "https://github.com/ShaneIsrael/fireshare/commit/b76915607924756e6fa1a5f6c8823c38d611fb24"}, {"name": "https://github.com/ShaneIsrael/fireshare/releases/tag/v1.5.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/ShaneIsrael/fireshare/releases/tag/v1.5.3"}], "affected": [{"vendor": "ShaneIsrael", "product": "fireshare", "versions": [{"version": "< 1.5.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T18:38:17.626Z"}, "descriptions": [{"lang": "en", "value": "Fireshare facilitates self-hosted media and link sharing. Prior to version 1.5.3, the fix for CVE-2026-33645 was applied to the authenticated /api/uploadChunked endpoint but was not applied to the unauthenticated /api/uploadChunked/public endpoint in the same file (app/server/fireshare/api.py). An unauthenticated attacker can exploit the checkSum parameter to write arbitrary files with attacker-controlled content to any writable path on the server filesystem. This issue has been patched in version 1.5.3."}], "source": {"advisory": "GHSA-fvvp-rj8g-c7gc", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T19:15:35.516472Z", "id": "CVE-2026-34745", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T19:15:43.377Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34745", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-02T19:15:35.516472Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T19:15:39.896Z"}}], "cna": {"title": "Unauthenticated Path Traversal Arbitrary File Write in /api/uploadChunked/public", "source": {"advisory": "GHSA-fvvp-rj8g-c7gc", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "ShaneIsrael", "product": "fireshare", "versions": [{"status": "affected", "version": "< 1.5.3"}]}], "references": [{"url": "https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-fvvp-rj8g-c7gc", "name": "https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-fvvp-rj8g-c7gc", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/ShaneIsrael/fireshare/pull/520", "name": "https://github.com/ShaneIsrael/fireshare/pull/520", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/ShaneIsrael/fireshare/commit/b76915607924756e6fa1a5f6c8823c38d611fb24", "name": "https://github.com/ShaneIsrael/fireshare/commit/b76915607924756e6fa1a5f6c8823c38d611fb24", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/ShaneIsrael/fireshare/releases/tag/v1.5.3", "name": "https://github.com/ShaneIsrael/fireshare/releases/tag/v1.5.3", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Fireshare facilitates self-hosted media and link sharing. Prior to version 1.5.3, the fix for CVE-2026-33645 was applied to the authenticated /api/uploadChunked endpoint but was not applied to the unauthenticated /api/uploadChunked/public endpoint in the same file (app/server/fireshare/api.py). An unauthenticated attacker can exploit the checkSum parameter to write arbitrary files with attacker-controlled content to any writable path on the server filesystem. This issue has been patched in version 1.5.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T18:38:17.626Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34745", "state": "PUBLISHED", "dateUpdated": "2026-04-02T19:15:43.377Z", "dateReserved": "2026-03-30T19:17:10.224Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-02T18:38:17.626Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:shaneisrael:fireshare:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD38C642-B601-465E-9D1F-CB73CFF5B954", "versionEndExcluding": "1.5.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Fireshare facilitates self-hosted media and link sharing. Prior to version 1.5.3, the fix for CVE-2026-33645 was applied to the authenticated /api/uploadChunked endpoint but was not applied to the unauthenticated /api/uploadChunked/public endpoint in the same file (app/server/fireshare/api.py). An unauthenticated attacker can exploit the checkSum parameter to write arbitrary files with attacker-controlled content to any writable path on the server filesystem. This issue has been patched in version 1.5.3."}], "id": "CVE-2026-34745", "lastModified": "2026-04-03T19:50:08.803", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-02T19:21:33.340", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/ShaneIsrael/fireshare/commit/b76915607924756e6fa1a5f6c8823c38d611fb24"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/ShaneIsrael/fireshare/pull/520"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/ShaneIsrael/fireshare/releases/tag/v1.5.3"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-fvvp-rj8g-c7gc"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.5.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "fireshare", "source": "cna", "vendor": "ShaneIsrael"}, "product": "fireshare", "vendor": "shaneisrael"}], "analysis": {"en": {"generated_at": "2026-04-02T22:50:28.403695+00:00", "value": {"mitigation_remediation": ["Upgrade Fireshare to version 1.5.3 or later.", "Restrict access to the /api/uploadChunked/public endpoint by configuring a firewall or reverse proxy to require authentication.", "Set restrictive filesystem permissions on the Fireshare service so it can only write to intended directories."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary File Write"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Fireshare deployments built by ShaneIsrael running any version earlier than 1.5.3. Versions 1.5.3 and later include the patch that disables the vulnerable behavior for the public upload endpoint.", "description_and_impact": "Fireshare includes an unauthenticated endpoint at /api/uploadChunked/public that, due to improper validation of the checkSum parameter, allows an attacker to supply an arbitrary file path. This flaw is a classic path\u2011traversal weakness (CWE\u201122) that enables the creation or overwrite of any file the web server process can write to, thereby facilitating arbitrary file write. An attacker can place malicious scripts, alter configuration files, or replace application assets, potentially leading to remote code execution or significant data integrity violations.", "risk_and_exploitability": "The CVSS base score of 9.1 reflects a highly severe risk. Exploitation requires no authentication and only a simple HTTP request to the exposed public endpoint, making the attack straightforward for any network\u2011reachable attacker. While EPSS data is not available, the absence of a CISA KEV listing does not reduce the potential impact. If the attacker can reach the API, the ability to write arbitrary files poses a severe threat to confidentiality, integrity, and availability of the affected system."}}}}, "created": "2026-04-03T07:31:40.811223+00:00", "updated": "2026-04-03T09:16:37.673348+00:00", "vendors": ["shaneisrael", "shaneisrael$PRODUCT$fireshare"]}