CVE-2024-2221
📋 TL;DR
This vulnerability in qdrant/qdrant allows attackers to upload arbitrary files to any location on the filesystem via a path traversal attack in the snapshot upload endpoint. This can lead to remote code execution, system compromise, and service disruption. All deployments using vulnerable versions of qdrant are affected.
💻 Affected Systems
- qdrant/qdrant
📦 What is this software?
Qdrant by Qdrant
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise via remote code execution, allowing attackers to execute arbitrary commands, steal data, install persistent backdoors, or render the system inoperable.
Likely Case
File system corruption, service disruption, data loss, and potential privilege escalation leading to unauthorized access to sensitive information.
If Mitigated
Limited impact with proper file system permissions and network segmentation, though service disruption remains possible.
🎯 Exploit Status
The vulnerability is straightforward to exploit with basic HTTP requests and requires no authentication by default.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in commit e6411907f0ecf3c2f8ba44ab704b9e4597d9705d
Vendor Advisory: https://github.com/qdrant/qdrant/commit/e6411907f0ecf3c2f8ba44ab704b9e4597d9705d
Restart Required: Yes
Instructions:
1. Update qdrant to the latest version containing the fix commit.
2. Restart the qdrant service.
3. Verify the fix by checking the version and testing the endpoint.
🔧 Temporary Workarounds
Network Access Restriction
Restrict network access to the qdrant service to only trusted IP addresses or internal networks.
Use firewall rules (e.g., iptables, nftables, cloud security groups) to limit access to qdrant ports.
Endpoint Disablement
Disable the vulnerable endpoint if not required for operations.
Configure qdrant to disable the /collections/{COLLECTION}/snapshots/upload endpoint via configuration or reverse proxy rules.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate qdrant from untrusted networks.
- Apply file system permissions to restrict write access to critical directories.
🔍 How to Verify
Check if Vulnerable:
Check if the qdrant version is older than the fix commit e6411907f0ecf3c2f8ba44ab704b9e4597d9705d by examining the version or commit hash.
Check Version:
Check qdrant logs or use API endpoints to determine the running version; consult documentation for specific commands.
Verify Fix Applied:
Verify the version matches or exceeds the fixed commit, and test the endpoint with a path traversal payload to confirm it's blocked.
📡 Detection & Monitoring
Log Indicators:
- Unusual file upload requests to /collections/*/snapshots/upload with path traversal patterns (e.g., '../')
- Errors indicating file system access violations or unexpected file writes.
Network Indicators:
- HTTP POST requests to the vulnerable endpoint with malicious payloads
- Unusual outbound connections from qdrant service post-exploitation.
SIEM Query:
source="qdrant.log" AND (url_path="/collections/*/snapshots/upload" AND (payload CONTAINS "../" OR payload CONTAINS "..\\"))
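As an added detection example (not part of this advisory), the following Python applies the SIEM logic above to constructed log lines; the line layout, the `payload` field and the snapshot file names are assumptions about a reverse proxy in front of qdrant, not qdrant's own log format. It goes beyond the literal `../` match in the query by also catching percent-encoded and double-encoded traversal sequences.

```python
import re
from urllib.parse import unquote

# Constructed sample lines. The field layout (timestamp, method, URL path,
# payload excerpt) is an assumption, not qdrant's real log format.
SAMPLE_LOGS = [
    '2024-03-01T10:00:00Z POST /collections/demo/snapshots/upload payload="demo-1.snapshot"',
    '2024-03-01T10:00:05Z POST /collections/demo/snapshots/upload payload="../../../tmp/x.snapshot"',
    '2024-03-01T10:00:09Z POST /collections/demo/snapshots/upload payload="..%2F..%2Fsnapshots%2Fy.snapshot"',
    '2024-03-01T10:00:12Z POST /collections/demo/snapshots/upload payload="..\\..\\z.snapshot"',
    '2024-03-01T10:00:15Z GET /collections/demo/points payload="../ignored-not-upload"',
    '2024-03-01T10:00:20Z POST /collections/demo/snapshots/upload payload="%252e%252e%2Fw.snapshot"',
]

# Only the snapshot upload endpoint named in the advisory is in scope.
UPLOAD_PATH = re.compile(r"^/collections/[^/]+/snapshots/upload(?:[?#].*)?$")
LINE = re.compile(r'^(\S+) (\S+) (\S+) payload="(.*)"$')
# '../' or '..\' anywhere in the decoded payload.
TRAVERSAL = re.compile(r"\.\.[\\/]")


def normalise(payload, rounds=3):
    """Percent-decode repeatedly so encoded and double-encoded '../' is caught."""
    for _ in range(rounds):
        decoded = unquote(payload)
        if decoded == payload:
            break
        payload = decoded
    return payload


def flag_traversal_uploads(lines):
    """Return (line_no, decoded_payload) for POSTs to the upload endpoint
    whose payload contains a traversal sequence after decoding."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = LINE.match(line)
        if not m:
            continue  # not in the assumed format; skip rather than guess
        _ts, method, path, payload = m.groups()
        if method != "POST" or not UPLOAD_PATH.match(path):
            continue
        decoded = normalise(payload)
        if TRAVERSAL.search(decoded):
            hits.append((n, decoded))
    return hits


if __name__ == "__main__":
    for n, p in flag_traversal_uploads(SAMPLE_LOGS):
        print(f"line {n}: traversal in snapshot upload payload: {p!r}")
```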