CVE-2024-55660 Overview
CVE-2024-55660 is a Server-Side Template Injection (SSTI) vulnerability affecting SiYuan, a personal knowledge management system developed by B3log. Prior to version 3.1.16, the /api/template/renderSprig endpoint is vulnerable to SSTI attacks through the Sprig template engine. Although the Sprig engine has inherent limitations, this vulnerability allows unauthenticated attackers to access sensitive environment variables from the server, potentially exposing credentials, API keys, and other confidential configuration data.
Critical Impact
Attackers can exploit this SSTI vulnerability to extract sensitive environment variables from the server without authentication, potentially compromising secrets, credentials, and system configuration.
Affected Products
- B3log SiYuan versions prior to 3.1.16
- B3log SiYuan version 3.1.15 and earlier releases
- Self-hosted SiYuan instances with exposed API endpoints
Discovery Timeline
- 2024-12-12 - CVE-2024-55660 published to NVD
- 2025-06-05 - Last updated in NVD database
Technical Details for CVE-2024-55660
Vulnerability Analysis
This Server-Side Template Injection vulnerability exists in SiYuan's template rendering functionality. The /api/template/renderSprig endpoint accepts user-controlled input that is processed by the Sprig template engine without adequate validation. When a malicious template payload is submitted, the server interprets and executes the template directives, allowing attackers to invoke Sprig functions that can read environment variables.
The vulnerability is classified under CWE-1336 (Improper Neutralization of Special Elements Used in a Template Engine) and CWE-94 (Improper Control of Generation of Code), both of which relate to insufficient input sanitization in code generation contexts. The attack can be executed remotely over the network without requiring authentication or user interaction.
Root Cause
The root cause of this vulnerability is the lack of path validation and input sanitization in the template rendering API. The original implementation did not verify whether the provided path parameter was within the expected workspace directory, allowing attackers to craft malicious template payloads. Additionally, the Sprig template engine provides built-in functions that can access system environment variables, which were not restricted in the vulnerable implementation.
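Added example, not code from the SiYuan project: the second half of the root cause above is a template engine whose function map reaches into the process environment. The block below models that with Go's standard text/template and a small constructed function map ("env" and "expandenv" stand in for the Sprig functions of the same name; Sprig itself is not imported), then shows the hardened form, an allowlist map that omits them. With text/template, a call to a function missing from the map is rejected at parse time, so the restricted renderer fails closed rather than leaking a value.

```go
package main

import (
	"bytes"
	"fmt"
	"os"
	"strings"
	"text/template"
)

// unrestrictedFuncs models a function map that exposes the process
// environment to templates, the way Sprig's "env" and "expandenv" do.
// This is a constructed stand-in for the vulnerable configuration.
func unrestrictedFuncs() template.FuncMap {
	return template.FuncMap{
		"env":       os.Getenv,
		"expandenv": os.ExpandEnv,
		"upper":     strings.ToUpper,
		"trim":      strings.TrimSpace,
	}
}

// restrictedFuncs is the hardened form: an allowlist of pure string helpers,
// with nothing that touches the environment, filesystem or network.
func restrictedFuncs() template.FuncMap {
	return template.FuncMap{
		"upper": strings.ToUpper,
		"trim":  strings.TrimSpace,
	}
}

// render parses and executes a caller-supplied template with the given
// function map. An undefined function is a parse error, so a template that
// calls "env" against restrictedFuncs never executes.
func render(src string, funcs template.FuncMap, data interface{}) (string, error) {
	tmpl, err := template.New("user").Funcs(funcs).Parse(src)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := tmpl.Execute(&buf, data); err != nil {
		return "", err
	}
	return buf.String(), nil
}

func main() {
	// Constructed variable for the demonstration; nothing real is read.
	os.Setenv("DEMO_SECRET", "constructed-value")
	payload := `{{ env "DEMO_SECRET" }}`
	benign := `Hello {{ upper .Name }}`

	out, err := render(payload, unrestrictedFuncs(), nil)
	fmt.Printf("unrestricted: %q err=%v\n", out, err)

	out, err = render(payload, restrictedFuncs(), nil)
	fmt.Printf("restricted:   %q err=%v\n", out, err)

	out, err = render(benign, restrictedFuncs(), map[string]string{"Name": "siyuan"})
	fmt.Printf("benign:       %q err=%v\n", out, err)
}
```

The design point is that the allowlist is enforced by the engine, not by scanning the template text for the string "env": piped forms, whitespace-trim markers and aliases all hit the same missing-function error.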
Attack Vector
The attack is executed by sending a crafted HTTP request to the /api/template/renderSprig endpoint with a malicious Sprig template payload. The template payload can leverage Sprig's env function to extract environment variables from the server. Since the endpoint does not require authentication and accepts arbitrary template content, an attacker with network access to the SiYuan instance can exploit this vulnerability to enumerate sensitive server configuration data.
The security patch introduces path validation to ensure template operations are restricted to the workspace directory:
return
}
+ if !util.IsAbsPathInWorkspace(p) {
+ ret.Code = -1
+ ret.Msg = "Path [" + p + "] is not in workspace"
+ return
+ }
+
preview := false
if previewArg := arg["preview"]; nil != previewArg {
preview = previewArg.(bool)
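Review bot: the `util.IsAbsPathInWorkspace(p)` check added at the top of this hunk confines the path to the workspace, but nothing in the hunk restricts which Sprig functions a template may call, so the `env` lookup described under Attack Vector remains available to any template that is inside the workspace; pairing the path check with a reduced function map would close that half. Minor: `ret.Msg = "Path [" + p + "] is not in workspace"` reflects the caller-supplied path back into the response; logging it server-side and returning a generic message avoids echoing untrusted input.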
Source: GitHub Commit Details
Additional validation was added to the export functionality to prevent path traversal:
// 将需要导出的文件/文件夹复制到临时文件夹
for _, resourcePath := range resourcePaths {
- resourceFullPath := filepath.Join(util.WorkspaceDir, resourcePath) // 资源完整路径
+ resourceFullPath := filepath.Join(util.WorkspaceDir, resourcePath) // 资源完整路径
+ if !util.IsAbsPathInWorkspace(resourceFullPath) {
+ logging.LogErrorf("resource path [%s] is not in workspace", resourceFullPath)
+ err = errors.New("resource path [" + resourcePath + "] is not in workspace")
+ return
+ }
+
resourceBaseName := filepath.Base(resourceFullPath) // 资源名称
resourceCopyPath := filepath.Join(exportFolderPath, resourceBaseName) // 资源副本完整路径
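Review bot: the containment check runs on `resourceFullPath` after `filepath.Join`, which is the right order because Join cleans `..` segments before `util.IsAbsPathInWorkspace` sees the path; if that helper compares lexically, a symlink inside the workspace that points outside it would still pass, so consider resolving with `filepath.EvalSymlinks` before the check. The `-`/`+` pair for `resourceFullPath := filepath.Join(util.WorkspaceDir, resourcePath)` is identical in content, which reads as a whitespace-only change and could be dropped to keep the diff minimal. Using `resourcePath` in the returned error while `resourceFullPath` goes only to the log is a good choice, since it keeps the workspace location out of the caller-facing message.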
Source: GitHub Commit Details
Detection Methods for CVE-2024-55660
Indicators of Compromise
- HTTP requests to /api/template/renderSprig containing Sprig template syntax such as {{ env }} or {{ .Env }}
- Unusual POST requests to template-related API endpoints from external IP addresses
- Log entries showing template rendering errors with environment variable references
- Evidence of enumeration attempts against multiple environment variable names
Detection Strategies
- Monitor web application logs for requests targeting /api/template/renderSprig with suspicious payloads
- Implement Web Application Firewall (WAF) rules to detect and block Sprig template injection patterns
- Deploy intrusion detection signatures to identify SSTI attack patterns in HTTP request bodies
- Review access logs for unauthenticated requests to sensitive API endpoints
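As an added example (not SiYuan's own logging or any product's detection rule), the block below runs the first and fourth strategies above over constructed log lines. The line format is hypothetical: a reverse proxy configured to record timestamp, client address, method, path and request body. It flags POST requests to /api/template/renderSprig whose body calls env or expandenv in either the direct or the piped form, marks hits from outside a constructed set of trusted ranges, and counts hits per client so repeated lookups from one address (the enumeration indicator above) stand out.

```go
package main

import (
	"fmt"
	"net"
	"regexp"
	"strings"
)

// Constructed log lines in a hypothetical reverse-proxy format:
// <timestamp> <client ip> <method> <path> body=<request body>
var sampleLog = []string{
	`2024-12-13T10:00:01Z 10.0.0.5 POST /api/template/renderSprig body={"template":"{{ .Name }}"}`,
	`2024-12-13T10:00:02Z 203.0.113.7 POST /api/template/renderSprig body={"template":"{{ env \"HOME\" }}"}`,
	`2024-12-13T10:00:03Z 203.0.113.7 POST /api/template/renderSprig body={"template":"{{- expandenv \"$PATH\" -}}"}`,
	`2024-12-13T10:00:04Z 10.0.0.5 GET /api/system/version body=`,
	`2024-12-13T10:00:05Z 203.0.113.7 POST /api/template/renderSprig body={"template":"{{ \"HOME\" | env }}"}`,
}

const renderEndpoint = "/api/template/renderSprig"

// envCall matches Sprig's environment functions in either call form:
// direct ({{ env "X" }}, with optional "-" trim marker) or piped ({{ "X" | env }}).
var envCall = regexp.MustCompile(`\{\{-?\s*(?:env|expandenv)\b|\|\s*(?:env|expandenv)\s*-?\}\}`)

// trustedNets is a constructed allowlist of internal ranges; any other
// source address is treated as external.
var trustedNets = mustCIDRs("10.0.0.0/8", "192.168.0.0/16", "127.0.0.0/8")

func mustCIDRs(cidrs ...string) []*net.IPNet {
	out := make([]*net.IPNet, 0, len(cidrs))
	for _, c := range cidrs {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			panic(err)
		}
		out = append(out, n)
	}
	return out
}

func isExternal(ipStr string) bool {
	ip := net.ParseIP(ipStr)
	if ip == nil {
		return true // unparseable address: treat as untrusted
	}
	for _, n := range trustedNets {
		if n.Contains(ip) {
			return false
		}
	}
	return true
}

type Hit struct {
	Line   int    // 1-based index into the log slice
	Source string // client address
	Reason string
}

// scanLog flags renderSprig POSTs whose body calls an environment function
// and notes whether the source lies outside the trusted ranges.
func scanLog(lines []string) []Hit {
	var hits []Hit
	for i, line := range lines {
		f := strings.SplitN(line, " ", 5)
		if len(f) < 5 {
			continue // malformed line; a real pipeline would count these
		}
		ip, method, path, rest := f[1], f[2], f[3], f[4]
		if method != "POST" || path != renderEndpoint || !envCall.MatchString(rest) {
			continue
		}
		reason := "environment function in template payload"
		if isExternal(ip) {
			reason += " from external source"
		}
		hits = append(hits, Hit{Line: i + 1, Source: ip, Reason: reason})
	}
	return hits
}

// countBySource supports the enumeration indicator: many env lookups from one client.
func countBySource(hits []Hit) map[string]int {
	counts := make(map[string]int)
	for _, h := range hits {
		counts[h.Source]++
	}
	return counts
}

func main() {
	hits := scanLog(sampleLog)
	for _, h := range hits {
		fmt.Printf("line %d %s: %s\n", h.Line, h.Source, h.Reason)
	}
	for src, n := range countBySource(hits) {
		fmt.Printf("%s: %d env lookups\n", src, n)
	}
}
```

Request bodies are not in a default access log, so this only works where the proxy or WAF is configured to capture them; the regular expression is a triage filter, and a body-level parser would be needed to catch every encoding a template engine accepts.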
Monitoring Recommendations
- Enable detailed logging for all API requests to the SiYuan application
- Configure alerts for high-volume requests to template rendering endpoints
- Monitor for unusual patterns in server resource usage that may indicate exploitation attempts
- Implement network segmentation to limit exposure of self-hosted SiYuan instances
How to Mitigate CVE-2024-55660
Immediate Actions Required
- Upgrade SiYuan to version 3.1.16 or later immediately
- Restrict network access to SiYuan instances using firewall rules
- Review server environment variables for exposed sensitive credentials
- Audit logs for signs of prior exploitation attempts
- Rotate any secrets that may have been exposed through environment variables
Patch Information
B3log has released version 3.1.16 of SiYuan which contains a fix for this vulnerability. The patch implements the IsAbsPathInWorkspace() function to validate that all path parameters are contained within the expected workspace directory, preventing both the SSTI attack and potential path traversal issues. Users should upgrade to the patched version as soon as possible.
For detailed patch information, refer to the GitHub Commit Details and the GitHub Security Advisory GHSA-4pjc-pwgq-q9jp.
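Added example, not the project's own util.IsAbsPathInWorkspace: a workspace containment check in Go that covers the edge cases the lexical version in the hunks above can miss. Both paths are made absolute and cleaned so ".." and "." are resolved first; the comparison uses filepath.Rel rather than a string prefix, so "/workspace2/x" is not mistaken for a child of "/workspace"; and a second function resolves symlinks on the deepest existing ancestor, so a link inside the workspace that points outside it is rejected too. Function names and the sample paths are constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"path/filepath"
	"strings"
)

// isAbsPathInWorkspace is a lexical check: p, after Abs and Clean, must be
// workspace itself or lie below it. Hypothetical stand-in for the project's
// helper of the same purpose.
func isAbsPathInWorkspace(workspace, p string) bool {
	ws, err := filepath.Abs(workspace)
	if err != nil {
		return false
	}
	abs, err := filepath.Abs(p)
	if err != nil {
		return false
	}
	rel, err := filepath.Rel(ws, abs)
	if err != nil {
		return false
	}
	// Rel yields "..", "../x" or "../../x" for anything outside ws.
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// resolveExisting resolves symlinks on the longest existing prefix of p and
// re-attaches the non-existent tail, so a file about to be created under a
// symlinked directory is still checked against the link's real target.
func resolveExisting(p string) (string, error) {
	rest := ""
	cur := p
	for {
		resolved, err := filepath.EvalSymlinks(cur)
		if err == nil {
			return filepath.Join(resolved, rest), nil
		}
		if !errors.Is(err, fs.ErrNotExist) {
			return "", err
		}
		parent := filepath.Dir(cur)
		if parent == cur {
			return "", err // reached the root without finding an existing path
		}
		rest = filepath.Join(filepath.Base(cur), rest)
		cur = parent
	}
}

// isRealPathInWorkspace combines the lexical check with symlink resolution.
// The workspace itself must exist so its own real path can be determined.
func isRealPathInWorkspace(workspace, p string) bool {
	if !isAbsPathInWorkspace(workspace, p) {
		return false
	}
	realWS, err := filepath.EvalSymlinks(workspace)
	if err != nil {
		return false
	}
	realP, err := resolveExisting(p)
	if err != nil {
		return false
	}
	return isAbsPathInWorkspace(realWS, realP)
}

func main() {
	// Constructed sample paths; nothing is touched on disk here.
	for _, p := range []string{
		"/workspace/templates/a.md",
		"/workspace/../etc/passwd",
		"/workspace2/x",
		"/workspace/a/../../b",
	} {
		fmt.Printf("%-28s in workspace: %v\n", p, isAbsPathInWorkspace("/workspace", p))
	}
}
```

The lexical check alone is what a string-prefix comparison often gets wrong; the symlink step matters because an attacker who can create a link inside the workspace (for example via an import or sync feature) would otherwise pass the check with a path that lexically looks fine.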
Workarounds
- Place SiYuan instances behind a reverse proxy with authentication requirements
- Use network-level access controls to restrict API endpoint access to trusted IP addresses only
- Disable or block external access to the /api/template/renderSprig endpoint if not required
- Deploy a WAF with rules specifically targeting template injection attack patterns
# Example: Restrict access to SiYuan API using iptables
# Allow only localhost and trusted IP ranges (6806 is SiYuan's default port).
# Rules are evaluated in order, so the DROP rule must be appended last.
iptables -A INPUT -p tcp --dport 6806 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 6806 -s 192.168.1.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 6806 -j DROP
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.