SecuriTricks - CVE-2024-10830

Description

A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it.

Product(s) Impacted

Vendor	Product	Versions
Eosphoros-ai	Db-gpt	0.6.0

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	eosphoros-ai	db-gpt	0.6.0	/	/	/	/	/	/	/

References

https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620

CVSS Score

8.2 / 10

CVSS Data - 3.0

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

View Vector String

Timeline

Published: March 20, 2025, 10:15 a.m.
Last Modified: March 20, 2025, 3:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@huntr.dev

CVE-2024-10830