SecuriTricks - CVE-2025-57698

Description

AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_plugin_upload of the interface '/plugin/install-upload' parses the filename from the request body provided by the user, and directly uses the filename to assign to file_path without checking the validity of the filename. The variable file_path is then passed as a parameter to the function `file.save`, so that the file in the request body can be saved to any location in the file system through directory traversal.

Product(s) Impacted

Vendor	Product	Versions
Astrbot	Astrbot	3.5.22

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	astrbot	astrbot	3.5.22	/	/	/	/	/	/	/

References

https://github.com/DYX217/vulnerability-explore/blob/main/2/README.md

CVSS Score

7.5 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

View Vector String

Timeline

Published: Nov. 7, 2025, 5:15 p.m.
Last Modified: Dec. 5, 2025, 8:51 p.m.

Status : Analyzed

CVE has had analysis completed and all data associations made.

More info

Source

cve@mitre.org

CVE-2025-57698