CVE-2026-34745

Fireshare · Fireshare

An unauthenticated arbitrary file write vulnerability exists in the Fireshare /api/uploadChunked/public endpoint due to an incomplete fix for a previous vulnerability.

Executive summary

An unauthenticated arbitrary file write vulnerability in Fireshare versions prior to 1.5.3 allows attackers to execute code or overwrite system files.

Vulnerability

The vulnerability stems from an insecure implementation of the checkSum parameter in the public API endpoint, which requires no authentication, allowing attackers to write arbitrary files to the server.

Business impact

With a CVSS score of 9.1, this vulnerability represents a critical risk to organizational infrastructure. An attacker can leverage this flaw to gain full control over the host server, leading to data exfiltration, unauthorized system access, or complete service disruption.

Remediation

Immediate Action: Upgrade all instances of Fireshare to version 1.5.3 or later to patch the insecure API endpoint.

Proactive Monitoring: Review web server access logs for suspicious POST requests targeting the /api/uploadChunked/public endpoint, specifically looking for anomalous checkSum parameter values.

Compensating Controls: Deploy a Web Application Firewall (WAF) rule to block unauthorized or suspicious traffic to the /api/uploadChunked/public endpoint until the patch is applied.
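The log review described under Proactive Monitoring can be scripted. The following is an added example, not code from Fireshare or from the original advisory. It assumes combined-format access logs, assumes that checkSum appears in the query string when it is logged at all, and assumes that a benign value is a plain hex digest; the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/api/uploadChunked/public"  # endpoint named in the advisory
# Assumption: a benign checkSum is a plain hex digest; tune to your client.
HEX_DIGEST = re.compile(r"[0-9a-fA-F]{8,128}")
# Combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def review(lines):
    """Return one finding per POST to the public chunked-upload endpoint."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m or m["method"] != "POST":
            continue
        url = urlsplit(m["target"])
        if url.path.rstrip("/") != ENDPOINT:
            continue
        values = parse_qs(url.query, keep_blank_values=True).get("checkSum")
        if values is None:
            # Body parameters are not in access logs; needs a WAF/proxy capture.
            anomalous, reason = False, "checkSum not in query string; check body capture"
        elif all(HEX_DIGEST.fullmatch(v) for v in values):
            anomalous, reason = False, "checkSum looks like a hex digest"
        else:
            anomalous, reason = True, "checkSum is not a plain hex digest"
        findings.append({"ip": m["ip"], "time": m["ts"], "status": int(m["status"]),
                         "anomalous": anomalous, "reason": reason})
    return findings

# Constructed sample log lines (documentation IP ranges, made-up timestamps).
SAMPLE = [
    '192.0.2.10 - - [01/Jan/2026:10:00:00 +0000] "POST /api/uploadChunked/public?checkSum=9f86d081884c7d65 HTTP/1.1" 200 12',
    '198.51.100.7 - - [01/Jan/2026:10:00:05 +0000] "POST /api/uploadChunked/public?checkSum=not%20a%20digest HTTP/1.1" 200 12',
    '198.51.100.7 - - [01/Jan/2026:10:00:09 +0000] "POST /api/uploadChunked/public HTTP/1.1" 200 12',
    '192.0.2.10 - - [01/Jan/2026:10:00:11 +0000] "GET /api/uploadChunked/public?checkSum=zz HTTP/1.1" 405 0',
    '192.0.2.10 - - [01/Jan/2026:10:00:12 +0000] "POST /api/upload HTTP/1.1" 401 0',
]

if __name__ == "__main__":
    for f in review(SAMPLE):
        flag = "ANOMALOUS" if f["anomalous"] else "review"
        print(f'{flag:9} {f["ip"]:15} {f["time"]} {f["status"]} {f["reason"]}')
```

Every POST to the endpoint is reported because the endpoint is unauthenticated; the anomalous flag only prioritizes which entries to examine first.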

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

The severity of this file write vulnerability necessitates immediate patching. Administrators must verify that the update to version 1.5.3 is applied across all environments and audit system file integrity to ensure no unauthorized files were introduced prior to the patch.