CVE-2025-57698
published 2025-11-07CVE-2025-57698: AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_plugin_upload of the interface '/plugin/install-upload'…
PriorityP347high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.69%
48.1th percentile
AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_plugin_upload of the interface '/plugin/install-upload' parses the filename from the request body provided by the user, and directly uses the filename to assign to file_path without checking the validity of the filename. The variable file_path is then passed as a parameter to the function `file.save`, so that the file in the request body can be saved to any location in the file system through directory traversal.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| astrbot | astrbot | — | — |
| astrbot | astrbot | 0 – 3.5.22 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
AstrBot contains a directory traversal vulnerability
ghsa·2025-11-07
CVE-2025-57698 [HIGH] CWE-22 AstrBot contains a directory traversal vulnerability
AstrBot contains a directory traversal vulnerability
AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_plugin_upload of the interface '/plugin/install-upload' parses the filename from the request body provided by the user, and directly uses the filename to assign to file_path without checking the validity of the filename. The variable file_path is then passed as a parameter to the function `file.save`, so that the file in the request body can be saved to any location in the file system through directory traversal.
OSV
AstrBot contains a directory traversal vulnerability
osv·2025-11-07
CVE-2025-57698 [HIGH] AstrBot contains a directory traversal vulnerability
AstrBot contains a directory traversal vulnerability
AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_plugin_upload of the interface '/plugin/install-upload' parses the filename from the request body provided by the user, and directly uses the filename to assign to file_path without checking the validity of the filename. The variable file_path is then passed as a parameter to the function `file.save`, so that the file in the request body can be saved to any location in the file system through directory traversal.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-11-07
Published