Impact
Net::BitTorrent versions up to 2.0.1 allow path traversal in peer‑supplied metadata, enabling an attacker to provide file names containing ".." segments that bypass the module's sanitization. This flaw allows the attacker to write arbitrary files outside the designated download directory, potentially overwriting system files or dropping malicious payloads. The weakness corresponds to CWE‑22 – Path Traversal.
Affected Systems
The Perl library Net::BitTorrent is affected. All installed instances of its version 2.0.1 or earlier are vulnerable. The vulnerability exists in the core module responsible for handling metadata (both v1 and v2 file trees) and can be triggered by any peer or magnet that supplies malformed metadata.
Risk and Exploitability
The flaw can be exploited by a malicious peer or a magnet link that supplies crafted metadata. Because the client trusts the peer’s file names and piece hashes, and there is no verification against the download path, an attacker can write arbitrary content to any accessible path. The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, but the lack of a fixed release and the CVSS score of 5.3 suggests moderate risk to confidentiality, integrity, and availability of the hosting system.
OpenCVE Enrichment