CVE-2026-40281

Gotenberg · Gotenberg

Gotenberg contains a command injection vulnerability where unsanitized metadata values allow attackers to manipulate ExifTool arguments, leading to arbitrary file system operations.

Executive summary

An unauthenticated command injection vulnerability in Gotenberg allows attackers to overwrite or move arbitrary files within the container environment.

Vulnerability

The application fails to sanitize newline characters in metadata values, allowing an unauthenticated attacker to inject ExifTool flags. This permits the manipulation of files, including the creation of symlinks or overwriting system files.
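The defensive check this advisory calls for, as an added example written for this page rather than Gotenberg's own code: ExifTool reads an argument file one argument per line, so a metadata value that carries a line break would terminate the intended `-Key=Value` argument and start a new one. The `ValidateMetadataValue` and `BuildArgFile` functions, the `-Key=Value` line format, and the sample metadata maps are all assumptions made for illustration; the point is that every key and value is rejected on CR, LF, NUL or any other control character before anything is rendered for the tool.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
	"strings"
)

// ErrUnsafeMetadata is returned when a key or value contains characters that
// ExifTool could read as the start of a separate argument line.
var ErrUnsafeMetadata = errors.New("metadata contains a line break or control character")

// ValidateMetadataValue rejects an empty key and any key or value containing
// CR, LF, NUL or another C0/DEL control character (horizontal tab is allowed).
// Blocking the line break is what prevents a value from turning into an
// injected ExifTool flag on the following argument line.
func ValidateMetadataValue(key, value string) error {
	if key == "" {
		return fmt.Errorf("%w: empty key", ErrUnsafeMetadata)
	}
	for _, s := range []string{key, value} {
		for _, r := range s {
			if r == '\n' || r == '\r' || r == 0 || r == 0x7f || (r < 0x20 && r != '\t') {
				return fmt.Errorf("%w: key %q", ErrUnsafeMetadata, key)
			}
		}
	}
	return nil
}

// BuildArgFile validates every entry and, only if all of them pass, renders the
// hypothetical "-Key=Value" argument-file content in deterministic key order.
// A single bad entry aborts the whole build so nothing partial reaches the tool.
func BuildArgFile(meta map[string]string) (string, error) {
	keys := make([]string, 0, len(meta))
	for k := range meta {
		keys = append(keys, k)
	}
	sort.Strings(keys)

	var b strings.Builder
	for _, k := range keys {
		if err := ValidateMetadataValue(k, meta[k]); err != nil {
			return "", err
		}
		fmt.Fprintf(&b, "-%s=%s\n", k, meta[k])
	}
	return b.String(), nil
}

func main() {
	// Constructed sample: well-formed metadata is accepted and rendered.
	good := map[string]string{"Author": "Alice", "Title": "Quarterly report"}
	out, err := BuildArgFile(good)
	fmt.Printf("accepted (err=%v):\n%s", err, out)

	// Constructed sample: an embedded newline is refused before rendering.
	bad := map[string]string{"Author": "Alice\nBob"}
	_, err = BuildArgFile(bad)
	fmt.Println("rejected:", err)
}
```

Validation happens on the raw request values, before any argument file is written; reviewing request logs for metadata fields that fail this check is one way to act on the monitoring advice in the Remediation section.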

Business impact

This flaw grants an attacker significant control over the container file system, which may lead to privilege escalation or the destruction of critical application data. Given the 10.0 CVSS score, the potential for total loss of container integrity and subsequent lateral movement is extreme.

Remediation

Immediate Action: Upgrade to the latest version of Gotenberg to ensure proper metadata sanitization.

Proactive Monitoring: Review application logs for evidence of unusual metadata input or unexpected file system operations within the container.

Compensating Controls: Run the container with a read-only root file system and strictly limit the privileges of the user running the service to minimize the impact of file-system manipulation.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability is critical due to its potential for full container compromise. Organizations utilizing Gotenberg should apply the vendor-supplied patches immediately to prevent unauthorized file system modifications.