cbcvebase.

Eosphoros-Ai Db-Gpt vulnerabilities

10 known vulnerabilities affecting eosphoros-ai/eosphoros-ai_db-gpt.

Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH4

Vulnerabilities

Page 1 of 1
CVE-2024-10902P2CRITICALCVSS 9.8≥ unspecified, ≤ latest2025-03-20
CVE-2024-10902 [CRITICAL] CWE-22 CVE-2024-10902: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /v1/personal/agent/upload` is vulnerable to In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /v1/personal/agent/upload` is vulnerable to Arbitrary File Upload with Path Traversal. This vulnerability allows unauthorized attackers to upload arbitrary files to the victim's file system at any location. The impact of this vulnerability includes the potential for remote code execution (RCE
nvd
CVE-2024-10835P2CRITICALCVSS 9.8≥ unspecified, ≤ latest2025-03-20
CVE-2024-10835 [CRITICAL] CWE-89 CVE-2024-10835: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Rem
nvd
CVE-2024-10901P2CRITICALCVSS 9.8≥ unspecified, ≤ latest2025-03-20
CVE-2024-10901 [CRITICAL] CWE-434 CVE-2024-10901: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execut
nvd
CVE-2024-10833P2CRITICALCVSS 9.1≥ unspecified, ≤ latest2025-03-20
CVE-2024-10833 [CRITICAL] CWE-36 CVE-2024-10833: eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-co
nvd
CVE-2024-10834P3CRITICALCVSS 9.1≥ unspecified, ≤ latest2025-03-20
CVE-2024-10834 [CRITICAL] CWE-73 CVE-2024-10834: eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `do
nvd
CVE-2024-10831P3CRITICALCVSS 9.1≥ unspecified, ≤ latest2025-03-20
CVE-2024-10831 [CRITICAL] CWE-36 CVE-2024-10831: In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute pat In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of p
nvd
CVE-2024-10830P3HIGHCVSS 8.2≥ unspecified, ≤ latest2025-03-20
CVE-2024-10830 [HIGH] CWE-22 CVE-2024-10830: A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint ` A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the s
nvd
CVE-2025-0452P3HIGHCVSS 8.2≥ unspecified, ≤ latest2025-03-20
CVE-2025-0452 [HIGH] CWE-73 CVE-2025-0452: eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems via t eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems via the '/v1/agent/hub/update' endpoint. The application fails to properly filter the '\' character, which is commonly used as a separator in Windows paths. This vulnerability allows attackers to delete any files on the host system by manipulating the 'plugin_r
nvd
CVE-2024-10829P3HIGHCVSS 7.5≥ unspecified, ≤ latest2025-03-20
CVE-2024-10829 [HIGH] CWE-835 CVE-2024-10829: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eo A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service fo
nvd
CVE-2024-10906P3HIGHCVSS 8.1≥ unspecified, ≤ latest2025-03-20
CVE-2024-10906 [HIGH] CWE-352 CVE-2024-10906: In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulne
nvd
Eosphoros-Ai Db-Gpt vulnerabilities | cvebase