Unknown torrents added, zeroday vulnerability?

feni85
Posts: 1
Joined: Tue Feb 15, 2022 10:17 am

Unknown torrents added, zeroday vulnerability?

Post by feni85 »

Hi, I logged onto my Transmission GUI today and found two torrents I do not know and have not added. I'm not the only user to report this, but information is scarce.

These are the two torrents that were added:

[LockBlock] Xian Wang de Richang Shenghuo 1-15 VOSFTR [WEBRip][720p][X264]
[LockBlock] Xian Wang de Richang Shenghuo - The Daily Life of the Immortal King S2 1-12 VOSTFR [WEBRip][720p][X264]

My setup is Transmission v3.00 in a Docker container on a virtualized Ubuntu server. My GUI was open to the public internet, but uses a unique username/password combination. So while stuffed credentials were my first obvious guess, this isn't possible. Nothing seems to have been altered on my server/container other than these two torrents being added.

My best guess is that there's a zeroday vulnerability in Transmission v3.00. Is there a log I can share for examination?

User on different platform with similar report:
https://community.synology.com/enu/foru ... ply=470509
Doyley
Posts: 2
Joined: Mon Feb 14, 2022 5:28 pm

Re: Unknown torrents added, zeroday vulnerability?

Post by Doyley »

I had exactly the same torrents added to mine two days ago. I'd assumed I'd left the whitelist disabled or something so I tightened things down.
oof666ohno
Posts: 1
Joined: Wed Feb 23, 2022 2:08 pm

Re: Unknown torrents added, zeroday vulnerability?

Post by oof666ohno »

This is an ongoing issue with multiple torrent clients affected. All can be accessed without knowing the password or ports forwarded. It gets scary when the attacker can run any code via payload.

https://qbforums.shiki.hu/viewtopic.php?t=9643
https://www.reddit.com/r/truenas/commen ... nt_plugin/
https://www.reddit.com/r/qBittorrent/co ... nts_added/
https://community.synology.com/enu/forum/1/post/151239