CVE-2024-10833

CRITICAL

Dbgpt Db-gpt < 0.6.2 - Absolute Path Traversal

Title source: rule

Description

eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths.

References (1)

[Exploit, Third Party Advisory] https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a

Scores

CVSS v3 9.1

EPSS 0.0041

EPSS Percentile 61.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-36

Status published

Products (2)

dbgpt/db-gpt 0.6.0

pypi/dbgpt 0 - 0.6.2PyPI

Published Mar 20, 2025

Tracked Since Feb 18, 2026