CVE-2025-48067: OctoPrint vulnerable to possible file extraction via upload endpoints
5.4
Basic Information
Technical Details
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| OctoPrint | pip | < 1.11.2 | 1.11.2 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability allows an attacker with FILE_UPLOAD permission to exfiltrate files by tricking OctoPrint into moving existing files into the upload folder. This is achieved by sending a specially crafted HTTP request to an upload endpoint with form inputs that are supposed to be used internally.
The patch is in the _on_part_finish method in src/octoprint/server/util/tornado.py, which handles each part of a multipart upload as it completes. It adds a check that a part's name does not end with any of the suffixes reserved for internal use (the values of self._suffixes); a part with such a name is discarded.
This implies that the _on_part_finish function was vulnerable because, before the patch, it would process these internal-only form inputs without sufficient validation. An attacker could craft a part with a name that, when combined with other (potentially manipulated) internal parameters, would cause the application to move an arbitrary file (that OctoPrint has read access to) into a publicly accessible upload directory.
The vulnerability description lists several affected API endpoints:
- /api/files/{local|sdcard}
- /api/languages
- /plugin/backup/restore
- /plugin/pluginmanager/upload_file
These endpoints likely use the FileUploadMixin (or a similar class) that contains the _on_part_finish method for handling file uploads. _on_part_finish is therefore the specific function in the upload processing pipeline where the malicious input is handled and where the vulnerability could be triggered. The patch directly addresses the missing validation in this function for internal-only parameters passed via form part names.
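To make the mechanism concrete, here is an added, simplified model of the upload pipeline described above. It is not OctoPrint's code: the suffix names, the `on_part_finish`, `on_file_part_finish` and `finalize_upload` functions, and the form layout are constructed assumptions modelled on the root cause analysis. It shows how a client-supplied part whose name ends with a reserved suffix can shadow the server's own record of where an uploaded file sits on disk, and how the patched check (discarding such parts) closes that path.

```python
"""Added example (not OctoPrint's code) of reserved-suffix form parts.

Assumptions (hypothetical, modelled on the description of _on_part_finish):
- the upload handler stores each file part's metadata in form fields named
  "<part><suffix>", where the suffixes below are a constructed guess;
- a later stage moves the file recorded in "<part>.path" into the upload folder.
"""
import os
import shutil
import tempfile

# Constructed set of internal-only suffixes; OctoPrint's real values may differ.
RESERVED_SUFFIXES = {
    "name": ".name",
    "path": ".path",
    "content_type": ".content_type",
    "size": ".size",
}


def is_reserved_part_name(part_name, suffixes=RESERVED_SUFFIXES):
    """True if a client-supplied part name ends with an internal-only suffix."""
    return any(part_name.endswith(s) for s in suffixes.values())


def on_part_finish(form, part_name, value, suffixes=RESERVED_SUFFIXES, hardened=True):
    """Simplified stand-in for the per-part callback for ordinary form fields.

    Unhardened: every client part is stored verbatim, so a client-sent
    "file.path" lands in the same dict the server uses for its own metadata.
    Hardened (the patched behaviour): parts with reserved suffixes are discarded.
    Returns True if the part was accepted, False if it was discarded.
    """
    if hardened and is_reserved_part_name(part_name, suffixes):
        return False
    form[part_name] = value
    return True


def on_file_part_finish(form, part_name, filename, tmp_path, suffixes=RESERVED_SUFFIXES):
    """Server side: record the original filename and where the upload was streamed to."""
    form[part_name + suffixes["name"]] = filename
    form[part_name + suffixes["path"]] = tmp_path


def finalize_upload(form, part_name, upload_dir, suffixes=RESERVED_SUFFIXES):
    """Later stage: move the file recorded in "<part>.path" into upload_dir."""
    src = form[part_name + suffixes["path"]]
    dst = os.path.join(upload_dir, os.path.basename(form[part_name + suffixes["name"]]))
    shutil.move(src, dst)
    return dst


def simulate(hardened):
    """Run one upload where the client also sends 'file.name' and 'file.path' parts.

    Returns which part names were accepted and whether a file outside the
    upload folder was moved into it (constructed scenario, all inside a tmpdir).
    """
    with tempfile.TemporaryDirectory() as root:
        upload_dir = os.path.join(root, "uploads")
        os.makedirs(upload_dir)
        # A file the server can read but that is not meant to be downloadable.
        protected = os.path.join(root, "protected.txt")
        with open(protected, "w") as fh:
            fh.write("not for download")
        # The genuinely uploaded file, already streamed to a temporary location.
        streamed = os.path.join(root, "tmp_upload.gcode")
        with open(streamed, "w") as fh:
            fh.write("G28")

        form = {}
        # 1. The file part finishes: the server writes its internal metadata.
        on_file_part_finish(form, "file", "print.gcode", streamed)
        # 2. Further client parts arrive whose names collide with that metadata
        #    (constructed input standing in for the crafted request).
        client_parts = [("file.name", "protected.txt"), ("file.path", protected)]
        accepted = [n for n, v in client_parts if on_part_finish(form, n, v, hardened=hardened)]
        # 3. The pipeline moves whatever "file.path" now points at.
        moved_to = finalize_upload(form, "file", upload_dir)
        return {
            "accepted": accepted,
            "protected_file_moved": not os.path.exists(protected),
            "moved_basename": os.path.basename(moved_to),
        }


if __name__ == "__main__":
    print("unhardened:", simulate(hardened=False))
    print("hardened:  ", simulate(hardened=True))
```

With `hardened=False` the client's `file.path` part overwrites the server's record and the protected file is what ends up in the upload folder; with `hardened=True` both reserved-suffix parts are discarded and only the streamed upload is moved. Any check of this kind should run on the raw part name before it is merged into shared state, as the patch does, rather than on the merged dictionary afterwards.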