Unrated severityNVD Advisory· Published Sep 29, 2022· Updated Apr 23, 2025

Discourse vulnerable to RCE via admins uploading maliciously zipped file

CVE-2022-36066

Description

Discourse is an open source discussion platform. In versions prior to 2.8.9 on the stable branch and prior to 2.9.0.beta10 on the beta and tests-passed branches, admins can upload a maliciously crafted Zip or Gzip Tar archive to write files at arbitrary locations and trigger remote code execution. The problem is patched in version 2.8.9 on the stable branch and version 2.9.0.beta10 on the beta and tests-passed branches. There are no known workarounds.

Affected products

Discourse (software)/Discoursev5
Range: < 2.8.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/discourse/discourse/commit/b27d5626d208a22c516a0adfda7554b67b493835mitrex_refsource_MISC
github.com/discourse/discourse/pull/18421mitrex_refsource_MISC
github.com/discourse/discourse/security/advisories/GHSA-grvh-qcpg-hfmvmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000