Vulnerability-Lookup

CVE-2026-44885 (GCVE-0-2026-44885)

Vulnerability from cvelistv5 – Published: 2026-05-28 20:56 – Updated: 2026-05-29 19:11

Title

Portainer: Path traversal in backup archive extraction allows arbitrary file write

Summary

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function (ExtractTarGz in api/archive/targz.go) constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not prevent directory traversal — a tar entry named ../../etc/cron.d/evil resolves to a path outside the extraction root, so a crafted archive can write files to arbitrary locations on the server filesystem. This vulnerability is fixed in 2.33.8.

Severity

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

GitHub_M

References

2 references

URL	Tags
https://github.com/portainer/portainer/security/a…	x_refsource_CONFIRM
https://github.com/portainer/portainer-suite/pull/1875	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
portainer	portainer	Affected: >= 2.33.0, < 2.33.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-44885",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-29T19:08:51.068303Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-29T19:11:01.372Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "portainer",
          "vendor": "portainer",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.33.0, \u003c 2.33.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, Portainer\u0027s backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function (ExtractTarGz in api/archive/targz.go) constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not prevent directory traversal \u2014 a tar entry named ../../etc/cron.d/evil resolves to a path outside the extraction root, so a crafted archive can write files to arbitrary locations on the server filesystem. This vulnerability is fixed in 2.33.8."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-28T20:56:57.555Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/portainer/portainer/security/advisories/GHSA-m8fg-67j7-cx4v",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/portainer/portainer/security/advisories/GHSA-m8fg-67j7-cx4v"
        },
        {
          "name": "https://github.com/portainer/portainer-suite/pull/1875",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/portainer/portainer-suite/pull/1875"
        }
      ],
      "source": {
        "advisory": "GHSA-m8fg-67j7-cx4v",
        "discovery": "UNKNOWN"
      },
      "title": "Portainer: Path traversal in backup archive extraction allows arbitrary file write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-44885",
    "datePublished": "2026-05-28T20:56:42.024Z",
    "dateReserved": "2026-05-07T21:50:33.544Z",
    "dateUpdated": "2026-05-29T19:11:01.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-44885",
      "date": "2026-05-29",
      "epss": "0.0025",
      "percentile": "0.4854"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-44885\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-05-28T22:16:59.803\",\"lastModified\":\"2026-05-29T15:06:44.207\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, Portainer\u0027s backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function (ExtractTarGz in api/archive/targz.go) constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not prevent directory traversal \u2014 a tar entry named ../../etc/cron.d/evil resolves to a path outside the extraction root, so a crafted archive can write files to arbitrary locations on the server filesystem. This vulnerability is fixed in 2.33.8.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.2,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"references\":[{\"url\":\"https://github.com/portainer/portainer-suite/pull/1875\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/portainer/portainer/security/advisories/GHSA-m8fg-67j7-cx4v\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"title\": \"Portainer: Path traversal in backup archive extraction allows arbitrary file write\", \"source\": {\"advisory\": \"GHSA-m8fg-67j7-cx4v\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"portainer\", \"product\": \"portainer\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 2.33.0, \u003c 2.33.8\"}]}], \"references\": [{\"url\": \"https://github.com/portainer/portainer/security/advisories/GHSA-m8fg-67j7-cx4v\", \"name\": \"https://github.com/portainer/portainer/security/advisories/GHSA-m8fg-67j7-cx4v\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/portainer/portainer-suite/pull/1875\", \"name\": \"https://github.com/portainer/portainer-suite/pull/1875\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, Portainer\u0027s backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function (ExtractTarGz in api/archive/targz.go) constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not prevent directory traversal \\u2014 a tar entry named ../../etc/cron.d/evil resolves to a path outside the extraction root, so a crafted archive can write files to arbitrary locations on the server filesystem. This vulnerability is fixed in 2.33.8.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-05-28T20:56:57.555Z\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-44885\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-29T19:08:51.068303Z\"}}}], \"providerMetadata\": {\"shortName\": \"CISA-ADP\", \"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"dateUpdated\": \"2026-05-29T19:10:57.054Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-44885\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-28T20:56:57.555Z\", \"dateReserved\": \"2026-05-07T21:50:33.544Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-05-28T20:56:42.024Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2026-44885

Vulnerability from fkie_nvd - Published: 2026-05-28 22:16 - Updated: 2026-05-29 15:06

Severity

5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/portainer/portainer-suite/pull/1875
	security-advisories@github.com	https://github.com/portainer/portainer/security/advisories/GHSA-m8fg-67j7-cx4v

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, Portainer\u0027s backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function (ExtractTarGz in api/archive/targz.go) constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not prevent directory traversal \u2014 a tar entry named ../../etc/cron.d/evil resolves to a path outside the extraction root, so a crafted archive can write files to arbitrary locations on the server filesystem. This vulnerability is fixed in 2.33.8."
    }
  ],
  "id": "CVE-2026-44885",
  "lastModified": "2026-05-29T15:06:44.207",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 4.2,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-05-28T22:16:59.803",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/portainer/portainer-suite/pull/1875"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/portainer/portainer/security/advisories/GHSA-m8fg-67j7-cx4v"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Undergoing Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

GHSA-M8FG-67J7-CX4V

Vulnerability from github – Published: 2026-05-14 16:23 – Updated: 2026-05-14 16:23

Summary

Portainer has a path traversal in backup archive extraction that allows arbitrary file write

Details

Summary

Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function (ExtractTarGz in api/archive/targz.go) constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not prevent directory traversal — a tar entry named ../../etc/cron.d/evil resolves to a path outside the extraction root, so a crafted archive can write files to arbitrary locations on the server filesystem.

Severity

Medium

CWE-22 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploitation requires administrator access to Portainer's backup restore endpoint. An administrator who is deceived into restoring a malicious archive, or whose credentials are compromised, can use this path to write files outside the Portainer data directory.

Affected Versions

The vulnerability exists in every Portainer release prior to 2.39.0 — ExtractTarGz has used filepath.Clean(filepath.Join()) since it was introduced. The fix shipped with 2.39.0 (patched on develop before the 2.39 branch cut); 2.34.x–2.38.x STS releases are also affected but are end-of-life and will not receive a fix.

Branch	First vulnerable	Fixed in
2.33.x (LTS)	2.33.0	2.33.8

Portainer 2.39.0 and later are not affected — the fix was present from the initial 2.39.0 release. All releases prior to 2.33.0 are end-of-life and will not receive a fix; users on EOL versions should upgrade to a supported release.

Workarounds

Administrators who cannot immediately upgrade should:

Only restore archives from trusted sources. Do not restore archives received from untrusted parties or transmitted over unencrypted channels.
Use backup encryption. Portainer's optional backup encryption requires the correct passphrase to decrypt before extraction; an attacker without the passphrase cannot craft a valid encrypted archive.

Neither of these replaces the fix.

Affected Code

ExtractTarGz in api/archive/targz.go constructed output paths without safe containment:

// api/archive/targz.go (pre-fix)
case tar.TypeReg:
    p := filepath.Clean(filepath.Join(outputDirPath, header.Name))

filepath.Join resolves ../ components lexically and filepath.Clean normalises the result, but neither verifies the final path remains inside outputDirPath. The fix replaces this with filesystem.JoinPaths, which forces all path components to be relative to the trusted root:

// api/archive/targz.go (post-fix)
case tar.TypeReg:
    p := filesystem.JoinPaths(outputDirPath, header.Name)

Impact

Arbitrary file write at any path accessible to the Portainer process (typically root in containerised deployments), overriding filesystem boundaries of the data directory.
Potential host persistence by writing to cron directories, SSH authorised key files, or executable paths, depending on how the container is configured and what host paths are accessible.

The practical severity is reduced because exploitation requires administrative privileges within Portainer.

Timeline

2026-02-16: Fix merged to develop (#1875).
2026-02-25: 2.39.0 released with fix.
2026-05-07: 2.33.8 released with backport fix.

Credits

Reported by Kolega.

Severity

5.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/portainer/portainer"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.33.0"
            },
            {
              "fixed": "2.33.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-44885"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-14T16:23:03Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Summary\nPortainer\u0027s backup restore feature accepts a `.tar.gz` archive and extracts it to a target directory on the server. The extraction function (`ExtractTarGz` in `api/archive/targz.go`) constructed output paths using `filepath.Clean(filepath.Join(outputDirPath, header.Name))`. This combination does not prevent directory traversal \u2014 a tar entry named `../../etc/cron.d/evil` resolves to a path outside the extraction root, so a crafted archive can write files to arbitrary locations on the server filesystem.\n\n## Severity\n\n**Medium**\n\n**CWE-22** \u2014 Improper Limitation of a Pathname to a Restricted Directory\n(\u0027Path Traversal\u0027)\n\nExploitation requires administrator access to Portainer\u0027s backup restore endpoint. An administrator who is deceived into restoring a malicious archive, or whose credentials are compromised, can use this path to write files outside the Portainer data directory.\n\n## Affected Versions\n\nThe vulnerability exists in every Portainer release prior to 2.39.0 \u2014 `ExtractTarGz` has used `filepath.Clean(filepath.Join())` since it was introduced.  The fix shipped with 2.39.0 (patched on `develop` before the 2.39 branch cut); 2.34.x\u20132.38.x STS releases are also affected but are end-of-life and will not receive a fix.\n\n| Branch       | First vulnerable | Fixed in   |\n|--------------|------------------|------------|\n| 2.33.x (LTS) | 2.33.0           | **2.33.8** |\n\nPortainer 2.39.0 and later are not affected \u2014 the fix was present from the initial 2.39.0 release. All releases prior to 2.33.0 are end-of-life and will not receive a fix; users on EOL versions should upgrade to a supported release.\n\n## Workarounds\n\nAdministrators who cannot immediately upgrade should:\n\n- **Only restore archives from trusted sources.** Do not restore archives received from untrusted parties or transmitted over unencrypted channels.\n- **Use backup encryption.** Portainer\u0027s optional backup encryption requires the correct passphrase to decrypt before extraction; an attacker without the passphrase cannot craft a valid encrypted archive.\n\nNeither of these replaces the fix.\n\n## Affected Code\n\n`ExtractTarGz` in `api/archive/targz.go` constructed output paths without safe containment:\n\n```go\n// api/archive/targz.go (pre-fix)\ncase tar.TypeReg:\n    p := filepath.Clean(filepath.Join(outputDirPath, header.Name))\n```\nfilepath.Join resolves ../ components lexically and filepath.Clean normalises the result, but neither verifies the final path remains inside outputDirPath. The fix replaces this with filesystem.JoinPaths, which forces all path components to be relative to the trusted root:\n\n```go\n// api/archive/targz.go (post-fix)\ncase tar.TypeReg:\n    p := filesystem.JoinPaths(outputDirPath, header.Name)\n```\n\n### Impact\n\n- Arbitrary file write at any path accessible to the Portainer process (typically root in containerised deployments), overriding filesystem boundaries of the data directory.\n- Potential host persistence by writing to cron directories, SSH authorised key files, or executable paths, depending on how the container is configured and what host paths are accessible.\n\nThe practical severity is reduced because exploitation requires administrative privileges within Portainer.\n\n## Timeline\n\n- 2026-02-16: Fix merged to develop ([#1875](https://github.com/portainer/portainer-suite/pull/1875)).\n- 2026-02-25: 2.39.0 released with fix.\n- 2026-05-07: 2.33.8 released with backport fix.\n\n### Credits\nReported by [Kolega](https://kolega.ai).",
  "id": "GHSA-m8fg-67j7-cx4v",
  "modified": "2026-05-14T16:23:03Z",
  "published": "2026-05-14T16:23:03Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/portainer/portainer/security/advisories/GHSA-m8fg-67j7-cx4v"
    },
    {
      "type": "WEB",
      "url": "https://github.com/portainer/portainer/commit/e02ae6b2fb69668d1cd7d07cb873dfcdd9cf1e42"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/portainer/portainer"
    },
    {
      "type": "WEB",
      "url": "https://github.com/portainer/portainer/releases/tag/2.33.8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Portainer has a path traversal in backup archive extraction that allows arbitrary file write"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-44885 (GCVE-0-2026-44885)

FKIE_CVE-2026-44885

GHSA-M8FG-67J7-CX4V

Summary

Severity

Affected Versions

Workarounds

Affected Code

Impact

Timeline

Credits

Tags

Sightings

Nomenclature