CVE-2022-21693 is a path traversal vulnerability (CWE-22) affecting versions of OnionShare prior to 2.5. OnionShare is an open-source application designed to securely and anonymously share files, host websites, and chat via the Tor network. The vulnerability arises from improper limitation of pathname inputs, allowing an attacker who already has some form of filesystem access within the context of the OnionShare process to traverse directories beyond the intended restricted directory. Specifically, an adversary with a primitive enabling filesystem access can exploit this flaw to access sensitive files throughout the entire user home folder. However, the impact is somewhat mitigated by OnionShare’s automatic exclusion of hidden folders, which typically contain many sensitive configuration and system files. The vulnerability does not appear to be exploitable remotely or without prior access to the system running OnionShare, as it requires the attacker to have some level of filesystem access within the OnionShare process context. No known exploits are currently reported in the wild. The vulnerability can be mitigated by using the Flatpak release of OnionShare, which presumably enforces stricter sandboxing and filesystem access controls. Since no official CVSS score is assigned, the severity is assessed as medium based on the potential for sensitive data exposure within the user’s home directory, the requirement for prior access, and the limited scope of impact due to hidden folder exclusions.

For European organizations, the primary impact of this vulnerability is the potential leakage of sensitive user data stored within the home directories of systems running vulnerable versions of OnionShare. This could include personal files, credentials, configuration files, or other confidential information. Given OnionShare’s use case for secure and anonymous file sharing over Tor, organizations relying on it for privacy-sensitive communications or data exchange could see a compromise of confidentiality if an attacker gains filesystem access. However, the vulnerability does not directly enable remote code execution or system-wide compromise, limiting its impact on system integrity and availability. The requirement for prior filesystem access means this vulnerability is more likely to be exploited in scenarios where an attacker has already breached the system or has insider access. European organizations in sectors with high privacy requirements, such as legal, journalism, or human rights groups using OnionShare for secure communications, could be particularly affected if sensitive data is exposed. The risk is lower for organizations that do not use OnionShare or have upgraded to versions 2.5 or later.

1. Upgrade OnionShare to version 2.5 or later, where this vulnerability is fixed. 2. Use the Flatpak release of OnionShare, which provides sandboxing that restricts filesystem access and mitigates the path traversal risk. 3. Limit filesystem access permissions for the OnionShare process to the minimum necessary, ideally restricting it to specific directories rather than the entire home folder. 4. Monitor and audit filesystem access logs for unusual or unauthorized access patterns within user home directories on systems running OnionShare. 5. Educate users about the risks of running outdated versions of privacy tools and encourage timely updates. 6. Employ endpoint security solutions that can detect and prevent unauthorized filesystem access attempts, especially in environments where OnionShare is used. 7. For organizations using OnionShare in sensitive contexts, consider additional isolation measures such as containerization or dedicated virtual machines to limit the blast radius of any compromise.