CVE-2026-44885: Portainer Directory Traversal in Backup Restore (2.33.0–2.33.7)
Portainer Community Edition versions 2.33.0 through 2.33.7 contain a directory traversal flaw in the backup restore function. When administrators upload a .tar.gz backup file to restore Portainer's configuration, the extraction process fails to properly validate file paths. A malicious backup archive can exploit this to write files outside the intended directory, potentially placing them anywhere on the server filesystem—for instance, in cron job directories or other sensitive locations. An attacker with high-level privileges (such as admin access) can craft a backup to inject malicious files into the host system during restoration. The vulnerability is resolved in version 2.33.8.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 5.5 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
- Weaknesses (CWE)
- CWE-22
- Affected products
- 1 configuration(s)
- Published / Modified
- 2026-05-28 / 2026-06-17
NVD description (verbatim)
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function (ExtractTarGz in api/archive/targz.go) constructed output paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination does not prevent directory traversal — a tar entry named ../../etc/cron.d/evil resolves to a path outside the extraction root, so a crafted archive can write files to arbitrary locations on the server filesystem. This vulnerability is fixed in 2.33.8.
2 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The vulnerability exists in the ExtractTarGz function (api/archive/targz.go) within Portainer's backup restoration mechanism. The function constructs extraction paths using filepath.Clean(filepath.Join(outputDirPath, header.Name)). This combination is insufficient to prevent directory traversal attacks. An attacker can craft tar archive entries with path traversal sequences (e.g., ../../etc/cron.d/evil) that resolve to locations outside the extraction root directory. Since filepath.Join concatenates path components and filepath.Clean normalizes them without enforcing a boundary check, entries like ../../../ escape the intended extraction directory. The flaw is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory).
Business impact
Organizations relying on Portainer's backup and restore workflow face the risk of unauthorized file placement on their container management infrastructure. If an attacker gains high-privilege access to Portainer, they can inject persistent payloads via backup restoration—for example, malicious cron jobs, system scripts, or configuration files. This enables lateral movement, privilege escalation, or supply-chain compromise of containerized environments. The impact is amplified in production environments where Portainer manages critical application stacks across Docker, Kubernetes, or Swarm clusters.
Affected systems
Portainer Community Edition versions 2.33.0 through 2.33.7 are affected. Version 2.33.8 and later contain the fix. The vulnerability affects all deployments of these versions regardless of underlying orchestration platform (Docker, Swarm, Kubernetes, ACI). Organizations should verify their running Portainer version via the admin console or API (typically accessible at /api/system/version or similar endpoints) and cross-reference against the affected range.
Exploitability
Exploitation requires high-privilege authentication to Portainer (administrator credentials). The CVSS vector (AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L) reflects network accessibility with high privilege requirement. While the barrier to entry is significant—an attacker must already possess admin credentials—the attack itself is straightforward: create a malicious tar.gz archive with traversal paths, upload it via the backup restore interface, and arbitrary files will be written to the target system. The vulnerability is not currently tracked in CISA's Known Exploited Vulnerabilities catalog, indicating no evidence of active exploitation in the wild at publication time.
Remediation
Upgrade Portainer Community Edition to version 2.33.8 or later as soon as practical. This release contains path validation fixes to the backup extraction function. Before upgrading, apply principle of least privilege: restrict Portainer admin role to only those who absolutely require it, and limit network access to the Portainer console via firewall rules or authentication proxies. Consider disabling backup restoration temporarily in high-risk environments if an immediate upgrade is not feasible.
Patch guidance
Portainer Community Edition upgrades can typically be performed in-place or via container image updates depending on deployment method. For containerized deployments, pull the latest image tag (2.33.8 or higher) and restart the Portainer container. For binary installations, download the updated binary from Portainer's release repository. Verify the upgrade by checking the version endpoint (/api/system/version) after restart. Test backup restoration in a non-production environment before using the feature in production post-upgrade. Consult Portainer's official upgrade documentation to ensure compatibility with your deployment architecture.
Detection guidance
Monitor Portainer's audit logs for backup restoration activities, especially uploads by high-privilege accounts. Look for suspicious tar archive names or unusually large backup files that may contain traversal paths. System-level indicators include unexpected file creation in sensitive directories (/etc, /var, /opt, /cron.d) coinciding with Portainer backup restoration events. If Portainer is running in a container, monitor the host filesystem for unauthorized modifications outside expected container boundaries. Network-based detection is limited; focus on host-based file integrity monitoring and audit log review. Check for processes spawned or files modified immediately following backup restore operations.
Why prioritize this
Although the CVSS score is 5.5 (MEDIUM), prioritization should account for context. The vulnerability grants arbitrary file write access on the Portainer host and requires high privilege, making it a stepping stone to post-exploitation. In containerized environments, this can compromise the container orchestration layer itself. Organizations running Portainer in production should treat this as HIGH priority for timely patching due to the blast radius—a compromise of Portainer can affect all managed containers. Those with mature access controls and limited admin user bases may schedule this as MEDIUM priority within a 30-day window.
Risk score, explained
The CVSS 3.1 score of 5.5 reflects: (1) network-based attack vector (AV:N), (2) low attack complexity (AC:L)—the malicious tar need only contain path traversal entries, (3) high privilege requirement (PR:H), (4) no impact to confidentiality (C:N), (5) high impact to integrity (I:H) via arbitrary file write, and (6) low impact to availability (A:L). The score underweights the practical risk in containerized infrastructure, where a compromised Portainer instance can cascade into widespread platform compromise. Contextual risk elevation is warranted for organizations where Portainer is a trusted control plane component.
Frequently asked questions
How can I check if my Portainer instance is affected?
Log into your Portainer console, navigate to Admin > System Information (or query /api/system/version via API), and note the version. If it falls between 2.33.0 and 2.33.7 inclusive, you are affected. Version 2.33.8 or later is patched. You can also run 'docker inspect' or 'kubectl describe' on the Portainer container/pod to extract the image tag.
Can an attacker exploit this without admin credentials?
No. The vulnerability requires high-privilege authentication to access the backup restore function in Portainer's API and UI. An attacker must already possess or have compromised an admin-level user account. This is why limiting Portainer admin role membership to essential personnel significantly reduces risk.
If I've upgraded to 2.33.8, do I need to worry about previously uploaded malicious backups?
Upgrading prevents *future* exploitation but does not automatically remediate any payloads a malicious backup may have already written to the filesystem. After upgrading, perform a filesystem integrity check and audit recent file modifications in system directories. If you suspect a malicious backup was restored before the upgrade, review logs, inspect cron jobs, and check for unexpected scripts or binaries in sensitive locations.
Is this vulnerability exploitable in air-gapped environments?
Air-gapping does not protect against this vulnerability if an authorized insider or previously compromised account can create and upload a malicious backup. The exploit path is entirely internal to Portainer's restoration process. However, air-gapped environments reduce the likelihood of the initial compromise that would grant an attacker the credentials needed to exploit this flaw.
This analysis is provided for informational purposes and reflects information available as of the publication date. CVSS scores, patch versions, and vendor timelines are derived from official sources and should be verified against vendor advisories before taking action. Organizations should conduct their own risk assessment based on their specific Portainer deployment, network configuration, and access control posture. This vulnerability requires high-privilege authentication; however, security research or threat intelligence may reveal unexpected attack chains. Always test patches in non-production environments before production deployment. SEC.co makes no warranty regarding the completeness or accuracy of this analysis and disclaims liability for actions taken in reliance upon it. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2018-25393MEDIUMNavigate CMS 2.8.5 Path Traversal Vulnerability (CVSS 6.5)
- CVE-2018-25421MEDIUMOpen STA Manager 2.3 Path Traversal File Download Vulnerability
- CVE-2019-25734MEDIUMContact Form by WD CSRF & Local File Inclusion Vulnerability
- CVE-2019-25740MEDIUMJoomla com_jsjobs Arbitrary File Deletion Vulnerability
- CVE-2024-47263MEDIUMSynology Hyper Backup Path Traversal – Admin Privilege Required
- CVE-2024-47273MEDIUMSynology Hyper Backup Path Traversal Vulnerability (4.3 MEDIUM)
- CVE-2026-0055MEDIUMAndroid Path Traversal in PackageInstallerService Enables Local Privilege Escalation to Device Policy Controller
- CVE-2026-10213MEDIUMAstrBot 4.23.6 Path Traversal in API Endpoint