CVE-2026-25628
📋 TL;DR
This vulnerability in the Qdrant vector database lets an attacker who holds only read-only access append arbitrary content to files on the server through the /logger endpoint. The attacker chooses the destination file by setting the on_disk.log_file parameter to a path of their choice; the append runs with the permissions of the Qdrant process, so the outcome ranges from data corruption through denial of service to privilege escalation, depending on which files that process can write. Qdrant versions 1.9.3 through 1.15.x are affected; 1.16.0 fixes the issue.
💻 Affected Systems
- Qdrant vector database
📦 What is this software?
Qdrant, an open-source vector similarity search engine and database, developed by Qdrant.
⚠️ Risk & Real-World Impact
Worst Case
Because the primitive is an append rather than an overwrite, the realistic worst case is attacker-controlled lines landing in a file that another process trusts or executes. That escalates to code execution or full compromise only where the Qdrant service account can write such files, which is why running Qdrant as root turns this into a critical issue.
Likely Case
Corruption of files under the Qdrant data or configuration directories, denial of service by growing a file until the disk is full, or modification of application files that disrupts the service.
If Mitigated
Limited impact when Qdrant runs as a dedicated unprivileged user whose write access is confined to its own data and log directories, and file-integrity monitoring catches writes outside them.
🎯 Exploit Status
Exploitation needs only read-only access to the API (for example a read-only API key) and consists of ordinary HTTP requests to /logger; no memory corruption or special tooling is involved. The vendor advisory documents the issue with code examples.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.16.0
Vendor Advisory: https://github.com/qdrant/qdrant/security/advisories/GHSA-f632-vm87-2m2f
Restart Required: Yes
Instructions:
1. Stop the Qdrant service.
2. Back up the configuration and data directories.
3. Upgrade to version 1.16.0 or later using your package manager, the official container image, or a download from GitHub releases.
4. Restart the Qdrant service.
5. Verify the fix: the root endpoint should report 1.16.0 or later, and on a non-production instance a /logger request with an out-of-directory on_disk.log_file should no longer be honoured.
🔧 Temporary Workarounds
Disable /logger endpoint
Remove or restrict access to the vulnerable /logger API endpoint. This only helps if clients cannot reach Qdrant directly: bind the Qdrant HTTP port to localhost or firewall it so that all traffic passes through the proxy.
# Configure API gateway or reverse proxy to block /logger endpoint
# Example nginx location block (exact match; use a prefix or regex
# location instead if your deployment exposes /logger under a path prefix).
# "deny all" answers with 403.
location = /logger {
    deny all;
}
Restrict file system permissions
Run Qdrant as a dedicated unprivileged account that can only write to its own data and log directories; the append then cannot reach anything outside them.
# Run Qdrant as a dedicated unprivileged user, never as root
id qdrant >/dev/null 2>&1 || sudo useradd --system --home /var/lib/qdrant --shell /usr/sbin/nologin qdrant
sudo chown -R qdrant:qdrant /var/lib/qdrant /var/log/qdrant
sudo chmod 750 /var/lib/qdrant /var/log/qdrant
# Confirm the service account cannot write outside those directories
sudo -u qdrant test -w /etc && echo "/etc is writable by qdrant: tighten permissions"
# Use container isolation or chroot
🧯 If You Can't Patch
- Implement strict network access controls to limit who can reach the Qdrant API endpoints
- Deploy file integrity monitoring to detect unauthorized file modifications and implement regular backups
🔍 How to Verify
Check if Vulnerable:
Check the running version: anything from 1.9.3 up to and including the last 1.15.x release is vulnerable; 1.16.0 and later are fixed. To confirm the behaviour, use an instance you own (never production): on a vulnerable build, a POST to /logger whose on_disk.log_file points outside the configured log directory appends to that file.
Check Version:
# Root endpoint returns JSON including a "version" field
# (add -H 'api-key: <key>' if API-key authentication is enabled)
curl -s http://localhost:6333/ | grep -o '"version":"[^"]*"'
# or, on the host that runs the binary:
qdrant --version
Verify Fix Applied:
After upgrading to 1.16.0 or later, confirm that the root endpoint reports the new version, then repeat the test above on a non-production instance: the /logger endpoint should no longer honour an on_disk.log_file outside the configured log directory.
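The version check above done in code, as an added example (not part of this page or of the Qdrant project): it parses the JSON that Qdrant's root endpoint returns, compares the version against the affected range stated on this page (1.9.3 up to but excluding 1.16.0), and can be pointed at a live instance. The sample root response is constructed for the test, and the "api-key" header is only sent when a key is supplied.

```python
import json
import re
import sys
import urllib.request

# Affected range stated on this page: 1.9.3 up to and including 1.15.x;
# 1.16.0 is the first fixed release.
FIRST_AFFECTED = (1, 9, 3)
FIRST_FIXED = (1, 16, 0)


def parse_version(text):
    """Return (major, minor, patch) from strings like "1.15.4", "v1.16.0" or "1.16.0-rc1"."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version):
    """True when the version falls inside the range this CVE applies to."""
    v = parse_version(version)
    return FIRST_AFFECTED <= v < FIRST_FIXED


def version_from_root_response(body):
    """Extract the version from the JSON that Qdrant's root endpoint (GET /) returns."""
    doc = json.loads(body)
    return doc["version"]


def check_instance(base_url="http://localhost:6333", api_key=None, timeout=5):
    """Query a live instance and return (version, affected)."""
    req = urllib.request.Request(base_url.rstrip("/") + "/")
    if api_key:
        req.add_header("api-key", api_key)  # header Qdrant uses for API-key auth
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        version = version_from_root_response(resp.read().decode("utf-8"))
    return version, is_affected(version)


# Constructed sample of a root-endpoint reply; version and commit are made up for the test.
SAMPLE_ROOT_RESPONSE = '{"title":"qdrant - vector search engine","version":"1.15.2","commit":"deadbeef"}'

if __name__ == "__main__":
    url = sys.argv[1] if len(sys.argv) > 1 else "http://localhost:6333"
    version, affected = check_instance(url)
    verdict = "AFFECTED, upgrade to 1.16.0 or later" if affected else "not in the affected range"
    print(f"Qdrant {version}: {verdict}")
```

Run it with the base URL of the instance as the only argument; pre-release suffixes such as "-rc1" are ignored, so a 1.16.0 release candidate counts as fixed, which is only correct if that candidate actually carries the fix.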
📡 Detection & Monitoring
Log Indicators:
- Unusual /logger endpoint access with non-standard file paths
- File modification events in unexpected locations
- Disk space alerts from rapid log file growth
Network Indicators:
- HTTP POST requests to /logger endpoint with file path parameters
- Unusual API traffic patterns to Qdrant
SIEM Query:
Splunk-style example. The field names (uri_path, file_path, http_method) depend on how your log source is parsed, and Qdrant's own log does not necessarily record request bodies, so the on_disk.log_file value is usually only available from a reverse proxy or WAF configured to log them. Matching on the substring "qdrant" is too loose, because an attacker can simply pick a path that contains it; allow-list the real log directory instead (the path below is an example).
source="qdrant.log" AND uri_path="/logger" AND (http_method="POST" OR http_method="PATCH") AND (file_path="*../*" OR NOT file_path="/var/log/qdrant/*")
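The same detection logic run over sample log lines, as an added example (not part of this page or of the Qdrant project). It assumes a reverse proxy writes JSON access-log lines with the request body included; the field names, the log directory and the log lines themselves are constructed for the example. Writes to /logger whose on_disk.log_file contains a traversal segment or resolves outside the allowed log directory are flagged; the last sample line shows why a substring match on "qdrant" is not enough.

```python
import json
import posixpath

LOGGER_PATH = "/logger"
WRITE_METHODS = {"POST", "PATCH", "PUT"}
# Assumption: the directory where this deployment keeps Qdrant's on-disk log.
ALLOWED_LOG_DIR = "/var/log/qdrant"

# Constructed sample: JSON access-log lines as a reverse proxy that logs request
# bodies might emit them. Field names (ts, src, method, path, body) are assumptions.
SAMPLE_LOG = """\
{"ts":"2026-02-01T10:00:00Z","src":"10.0.0.5","method":"GET","path":"/collections","status":200,"body":""}
{"ts":"2026-02-01T10:00:01Z","src":"10.0.0.5","method":"POST","path":"/logger","status":200,"body":"{\\"on_disk\\":{\\"enabled\\":true,\\"log_file\\":\\"/var/log/qdrant/qdrant.log\\"}}"}
{"ts":"2026-02-01T10:00:02Z","src":"10.0.0.9","method":"POST","path":"/logger","status":200,"body":"{\\"on_disk\\":{\\"enabled\\":true,\\"log_file\\":\\"/var/log/qdrant/../../../etc/qdrant/config.yaml\\"}}"}
{"ts":"2026-02-01T10:00:03Z","src":"10.0.0.5","method":"GET","path":"/logger","status":200,"body":""}
{"ts":"2026-02-01T10:00:04Z","src":"10.0.0.9","method":"PATCH","path":"/logger","status":200,"body":"{\\"on_disk\\":{\\"log_file\\":\\"/var/lib/qdrant/storage/qdrant.log\\"}}"}
"""


def requested_log_file(body):
    """Return on_disk.log_file from a /logger request body, or None if absent or unparseable."""
    if not body:
        return None
    try:
        cfg = json.loads(body)
    except json.JSONDecodeError:
        return None
    on_disk = cfg.get("on_disk") if isinstance(cfg, dict) else None
    if not isinstance(on_disk, dict):
        return None
    log_file = on_disk.get("log_file")
    return log_file if isinstance(log_file, str) else None


def is_suspicious_path(path, allowed_dir=ALLOWED_LOG_DIR):
    """True for traversal segments or any path that does not resolve inside allowed_dir."""
    if ".." in path.split("/"):
        return True
    if not path.startswith("/"):
        return True  # relative paths resolve against Qdrant's working directory, not the log dir
    resolved = posixpath.normpath(path)
    base = posixpath.normpath(allowed_dir)
    return not resolved.startswith(base + "/")


def scan(lines, allowed_dir=ALLOWED_LOG_DIR):
    """Return one alert dict per /logger write whose log_file is outside allowed_dir."""
    alerts = []
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            event = json.loads(raw)
        except json.JSONDecodeError:
            continue  # not a JSON access-log line; skip it
        if event.get("path") != LOGGER_PATH or event.get("method") not in WRITE_METHODS:
            continue
        log_file = requested_log_file(event.get("body"))
        if log_file is not None and is_suspicious_path(log_file, allowed_dir):
            alerts.append({"ts": event.get("ts"), "src": event.get("src"),
                           "method": event["method"], "log_file": log_file})
    return alerts


if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG.splitlines()):
        print("ALERT: /logger write outside the log directory:", alert)
```

Feed it the proxy's access log on stdin or from a file and point ALLOWED_LOG_DIR at the directory your Qdrant configuration actually uses; reads of /logger (GET) are ignored on purpose, since only writes change the destination file.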