A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the file path, leading to potential unauthorized file deletions. https://robo-code.blogspot.com/
The recursivelyDelete method in the CacheCleaner component does not perform proper sanitization of file paths (CWE-22). An attacker can provide specially crafted input containing directory traversal sequences (e.g., '../'), which cause the process to exit the intended working directory. As a result, the method executes the deletion operation on files indicated by the manipulated path, regardless of their location in the file system.
An attacker can unauthorized delete arbitrary files available in the context of the application's permissions, which may lead to data loss, system destabilization, or disruption of other services.
Patches available from the vendor should be applied in accordance with references — a fix is available in the Robocode project GitHub repository (pull request #67, commit 26b6ba8ed5b2a11a646ce2d5da8d42cd53574b1f).
Robocode version 1.9.3.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:RedRobocode
APPRobocode1.9.3.6
Related vulnerabilities
Robocode: podatność race condition przy tworzeniu plików tymczasowych (RCE)
Integer overflow w klasie Buffer Robocode umożliwiający RCE
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction (DNS), as demonstrated ...
Robocode before 1.6.0 allows user-assisted remote attackers to "access the internals of the Robocode game" via...
The Event Dispatch Thread in Robocode before 1.5.1 allows remote attackers to execute arbitrary Java code by u...