9.8

CVE-2024-10901

Exploit

EPSS 1.06%
Veröffentlicht 20.03.2025 10:09:40
Zuletzt bearbeitet 17.07.2025 13:40:42
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE) by writing malicious files such as `__init__.py` in the Python's `/site-packages/` directory.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dbgpt ≫ Db-gpt Version0.6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.06%	0.773

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
security@huntr.dev	9.1	3.9	5.2	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://huntr.com/bounties/db2c1d59-6e3a-4553-a1f6-94c8df162a18

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-10901

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-10901

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-10901

EUVD