Description
AstrBot Project v3.5.22 has an arbitrary file read vulnerability in the function _encode_image_bs64. Because _encode_image_bs64, defined in entities.py, opens the image path supplied by the user in the request body and returns the file's contents as a base64-encoded string without validating that path, an attacker can craft a series of malicious URLs to read any file the process can access, resulting in sensitive data leakage.
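As an added illustration of the missing check (hypothetical hardened code, not AstrBot's own implementation): the user-supplied path is only accepted when it resolves inside a fixed image directory and the file actually carries an image signature. The function and directory names are assumptions for the example.

```python
import base64
import tempfile
from pathlib import Path

# Constructed PNG/JPEG signatures used to confirm the file is really an image.
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
JPEG_MAGIC = b"\xff\xd8\xff"


def encode_image_bs64(user_path: str, image_root: Path) -> str:
    """Hypothetical hardened variant: base64-encode an image only if it lives under image_root."""
    root = image_root.resolve()
    # resolve() follows symlinks, so a link planted inside the root that points
    # elsewhere fails the containment check just like "../" or an absolute path.
    target = (root / user_path).resolve()
    if target != root and root not in target.parents:
        raise PermissionError(f"path escapes image root: {user_path}")
    if not target.is_file():
        raise FileNotFoundError(user_path)
    data = target.read_bytes()
    if not data.startswith((PNG_MAGIC, JPEG_MAGIC)):
        raise ValueError("not a PNG/JPEG image")
    return base64.b64encode(data).decode("ascii")


def demo() -> dict:
    """Constructed scenario: one real image inside the root, a secret file outside it."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        root = base / "images"
        root.mkdir()
        (root / "ok.png").write_bytes(PNG_MAGIC + b"fake-image-body")
        (root / "notes.txt").write_text("plain text, not an image")
        (base / "secret.txt").write_text("db_password=hunter2")  # must never be returned
        results["ok"] = encode_image_bs64("ok.png", root)
        attempts = [("traversal", "../secret.txt"),
                    ("absolute", str(base / "secret.txt")),
                    ("non_image", "notes.txt")]
        for name, bad in attempts:
            try:
                encode_image_bs64(bad, root)
                results[name] = "allowed"
            except (PermissionError, ValueError, FileNotFoundError) as exc:
                results[name] = type(exc).__name__
    return results


if __name__ == "__main__":
    print(demo())
```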
References (1)
Core References: Exploit, Third Party Advisory
https://github.com/DYX217/vulnerability-explore/blob/main/1/README.md
Scores
CVSS v3: 6.5
EPSS: 0.0008
EPSS Percentile: 23.4%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
CWE: CWE-125
Status: published
Products (2)
astrbot/astrbot 3.5.22
pypi/AstrBot (PyPI)
Published: Nov 07, 2025
Tracked Since: Feb 18, 2026