
Web UI - apparent path traversal vulnerability #18618

Closed
@dionb2023

Description


qBittorrent & operating system versions

qBittorrent version: 4.5.1 (latest stable as of today).
Operating System: Windows 10, version 22H2. x64 architecture.

What is the problem?

I ran a Nessus vulnerability scan on a machine running qBittorrent and found that the Web UI can be used to access arbitrary files on the host's filesystem, unauthenticated, via what appears to be a path traversal vulnerability.

I have done some searches on your bug tracker for an existing bug report and can't find one, so am raising this. Note that this is my first open source bug report, so apologies if I've missed anything. Please let me know if there's anything you need from me.

Steps to reproduce

If you were on my network, you'd do the following:

  1. Enable the qBittorrent Web UI (in my case it runs on port 8080)
  2. From a command prompt, run curl -i "http://192.168.2.8:8080/..\..\..\..\..\windows\win.ini"

Expected result: a 403 or 404 response
Actual result: the win.ini file from the remote machine is displayed

Have attached a screenshot where I create a file on the remote machine then retrieve that file unauthenticated from my laptop.

Additional context

[screenshot attachment: file_retrieval]

[screenshot attachment: file_creation]

Log(s) & preferences file(s)

No response
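The defect described in the report is a request path whose `..\` segments are not recognised as traversal because the check only thinks in terms of `/`, while Windows file APIs accept `\` as a separator. The function below is an added example (not qBittorrent's own code) of how a Web UI can map a request path onto a file under its document root and refuse anything that climbs above it; the root directory and the names `resolveUnderRoot` and `percentDecode` are assumptions for the illustration.

```cpp
#include <algorithm>
#include <cctype>
#include <filesystem>
#include <optional>
#include <string>

namespace fs = std::filesystem;

// Decode %XX escapes once, so "%2e%2e" and "%5c" are seen for what they are.
// Double-encoded input is deliberately not decoded a second time.
static std::string percentDecode(const std::string &in) {
    std::string out;
    for (std::size_t i = 0; i < in.size(); ++i) {
        if (in[i] == '%' && i + 2 < in.size()
            && std::isxdigit(static_cast<unsigned char>(in[i + 1]))
            && std::isxdigit(static_cast<unsigned char>(in[i + 2]))) {
            out += static_cast<char>(std::stoi(in.substr(i + 1, 2), nullptr, 16));
            i += 2;
        } else {
            out += in[i];
        }
    }
    return out;
}

// Map a request path onto a file under `root`. Returns nullopt when the
// request would escape the root, which is the traversal case in the report.
std::optional<fs::path> resolveUnderRoot(const fs::path &root, const std::string &requestPath) {
    std::string cleaned = percentDecode(requestPath);
    // Windows file APIs treat '\' as a separator, so a check that only
    // understands '/' would pass "..\..\windows\win.ini" through untouched.
    std::replace(cleaned.begin(), cleaned.end(), '\\', '/');
    // Drop leading slashes: every request is relative to the web root.
    const auto start = cleaned.find_first_not_of('/');
    const std::string relative =
        (start == std::string::npos) ? std::string() : cleaned.substr(start);
    const fs::path rel = fs::path(relative).lexically_normal();
    // After normalisation, any surviving ".." component climbs above the root.
    // A root name (e.g. "C:") or an absolute path is rejected as well.
    if (rel.is_absolute() || rel.has_root_name())
        return std::nullopt;
    for (const auto &component : rel)
        if (component == fs::path(".."))
            return std::nullopt;
    return (root / rel).lexically_normal();
}
```

Because the check runs on the decoded, separator-normalised path rather than the raw URL, the same function rejects the backslash form from the report, the `/`-only form, and the percent-encoded variants of both.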

Labels

  - OS: Windows
  - Security
  - WebUI