python · ait-core · Critical
AIT-Core BSC Unauthenticated Path Traversal and Arbitrary File Append
What changed
The Binary Stream Capture (BSC) component in AIT-Core before 3.1.1 and 2.x before 2.6.1 has an unauthenticated HTTP API that allows path traversal and arbitrary file append. Attackers can bypass the configured log root and write attacker-controlled data to arbitrary files, potentially leading to remote code execution.
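As an added illustration of this defect class, the following Python shows the containment check a file-append handler needs so that a client-supplied name can never resolve outside the configured log root. It is example code written for this advisory, not ait-core's own implementation; the function names, the request shape and the sample file names are assumptions.

```python
"""Path containment for a file-append API rooted at a log directory (example code)."""
import os
import pathlib
import tempfile


class PathTraversalError(ValueError):
    """Raised when a requested name would resolve outside the log root."""


def resolve_in_root(log_root: str, requested: str) -> pathlib.Path:
    """Map a client-supplied name onto a path that is strictly below log_root.

    Rejects absolute names, '..' segments that climb above the root, and symlinks
    that point out of the root (resolve() follows them before the containment test).
    """
    root = pathlib.Path(log_root).resolve()
    if os.path.isabs(requested):
        raise PathTraversalError(f"refusing absolute name: {requested!r}")
    candidate = (root / requested).resolve()  # collapses '..' and symlinks
    # The target must be a descendant of root; root itself (e.g. 'sub/..') is rejected.
    if root not in candidate.parents:
        raise PathTraversalError(f"{requested!r} escapes {root}")
    return candidate


def append_to_log(log_root: str, requested: str, data: bytes) -> int:
    """Append data to the requested file only after it passes the containment check."""
    target = resolve_in_root(log_root, requested)
    target.parent.mkdir(parents=True, exist_ok=True)
    # O_NOFOLLOW refuses a symlink swapped in as the last component after resolve().
    flags = os.O_WRONLY | os.O_CREAT | os.O_APPEND | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(target, flags, 0o640)
    try:
        return os.write(fd, data)
    finally:
        os.close(fd)


def demo() -> dict:
    """Run constructed requests against a temporary log root; report what each one did."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "logs")
        os.makedirs(root)
        outcome = {"inside": append_to_log(root, "pass1/telemetry.bin", b"\x01\x02")}
        for bad in ("../outside.txt", "/etc/passwd", "a/../../escape", "sub/.."):
            try:
                append_to_log(root, bad, b"x")
                outcome[bad] = "written"
            except PathTraversalError:
                outcome[bad] = "rejected"
        outcome["entries_beside_root"] = sorted(os.listdir(tmp))  # only 'logs' if contained
        return outcome
```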
Who it affects
All users of AIT-Core versions before 3.1.1 and 2.x before 2.6.1 who use the BSC server (ait-bsc).
What to do today
Upgrade to AIT-Core 3.1.1 (or 2.6.1 on the 2.x line) immediately. If upgrading is not possible, restrict network access to the BSC REST API and ensure it is not exposed to untrusted networks.