<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Root-Restriction-Bypass - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/tags/root-restriction-bypass/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Mon, 29 Jan 2024 12:00:00 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/tags/root-restriction-bypass/feed.xml" rel="self" type="application/rss+xml"/><item><title>LiquidJS Template Engine Root Restriction Bypass via Symlink Exploitation</title><link>https://feed.craftedsignal.io/briefs/2024-01-29-liquidjs-symlink-bypass/</link><pubDate>Mon, 29 Jan 2024 12:00:00 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2024-01-29-liquidjs-symlink-bypass/</guid><description>A vulnerability in LiquidJS allows attackers to bypass template root restrictions by using symlinks within allowed directories to render arbitrary files outside the intended scope, potentially leading to sensitive information disclosure.</description><content:encoded><![CDATA[<p>LiquidJS, a popular template engine, is susceptible to a root restriction bypass (CVE-2026-35525) affecting versions 10.25.2 and below. The vulnerability stems from how LiquidJS handles partials and layouts. Specifically, it validates access based on the pathname string rather than resolving the canonical filesystem path. This allows an attacker to place a symlink within an allowed directory (partials or layouts) that points to a file outside of that directory. When LiquidJS attempts to render the template, it follows the symlink, effectively bypassing the intended root restriction. This issue arises in environments where attackers can influence template files, such as through uploaded themes, extracted archives, or repository-controlled template trees.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>The attacker gains the ability to influence or place files within a LiquidJS template directory. This could be via uploading themes, extracting archives, or modifying content within a repository.</li>
<li>The attacker creates a symlink file, <code>link.liquid</code>, within the allowed <code>partials</code> or <code>layouts</code> directory.</li>
<li>The symlink <code>link.liquid</code> is configured to point to a sensitive file outside the allowed template root (e.g., <code>/etc/passwd</code>).</li>
<li>The attacker crafts a LiquidJS template containing an <code>{% include %}</code>, <code>{% render %}</code>, or <code>{% layout %}</code> tag that references the symlink <code>link.liquid</code>.</li>
<li>LiquidJS processes the template and performs a path-based check on <code>link.liquid</code>, which passes because it resides within the allowed directory.</li>
<li>When LiquidJS attempts to read the template, the filesystem resolves the symlink to the targeted file (e.g., <code>/etc/passwd</code>).</li>
<li>LiquidJS renders the contents of the targeted file as part of the template output.</li>
<li>The attacker gains access to the content of the sensitive file, potentially revealing sensitive information or configuration details.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation allows attackers to read arbitrary files accessible to the LiquidJS process. This could lead to the disclosure of sensitive information such as configuration files, source code, or internal documentation. The impact is particularly severe in environments where LiquidJS is used to render user-supplied templates, as it enables privilege escalation or information leakage. The vulnerable package, <code>npm/liquidjs</code> (versions &lt;= 10.25.2), is widely used in web applications.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Upgrade LiquidJS to a version greater than 10.25.2 to remediate CVE-2026-35525.</li>
<li>Implement stricter file access controls and input validation to prevent attackers from placing or influencing files in template directories.</li>
<li>Monitor filesystem events for the creation of symlinks within template directories that point outside the allowed root. Use the <code>FileCreate</code> and <code>TargetFilename</code> fields in the provided Sigma rule to detect symlink creation.</li>
<li>Deploy the Sigma rules provided to detect the usage of <code>render</code>, <code>include</code>, or <code>layout</code> tags referencing suspicious file paths in your environment.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>liquidjs</category><category>symlink</category><category>template-injection</category><category>root-restriction-bypass</category></item></channel></rss>