Platform: python
Component: db-gpt
Fixed in: 0.7.1, 0.7.2, 0.7.3
CVE-2025-6772 is a critical Path Traversal vulnerability affecting db-gpt versions 0.7.0 through 0.7.2. This flaw allows attackers to potentially read sensitive files on the system by manipulating the 'File' argument within the import_flow function. The vulnerability has been publicly disclosed and is exploitable remotely, posing a significant risk to deployments using affected versions. A fix is available in version 0.7.3.
The core of this vulnerability lies in the import_flow function, specifically how it handles file imports. An attacker can craft a malicious request that includes a manipulated 'File' argument, leveraging path traversal sequences (e.g., '../') to navigate outside the intended directory. This allows them to access files that should be protected, potentially including configuration files, source code, or other sensitive data. The remote nature of the vulnerability means an attacker does not need local access to exploit it. The potential impact extends beyond simple data disclosure; an attacker could potentially modify critical system files or execute arbitrary code if the accessed files are executable.
This vulnerability has been publicly disclosed, increasing the risk of exploitation. No specific KEV listing or EPSS score is currently available. Public proof-of-concept exploits are likely to emerge, making it crucial to apply the patch promptly. The vulnerability was published on 2025-06-27, indicating a relatively recent disclosure.
Organizations deploying db-gpt in production environments, particularly those with publicly accessible API endpoints, are at risk. Shared hosting environments where multiple users share the same server instance are also particularly vulnerable, as a compromise of one user's instance could lead to access to other users' data. Systems using older, unpatched versions of db-gpt are most susceptible.
• python / server:

    import requests

    # Import endpoint of the db-gpt instance under test
    url = 'http://your-db-gpt-server/api/v2/serve/awel/flow/import'
    # Attempt path traversal via the 'File' argument
    file_param = 'File=../../../../etc/passwd'
    # Send the request
    response = requests.post(url, data={'import_flow': file_param}, timeout=10)
    # Check for sensitive file content in the response
    if 'root:' in response.text:
        print('Potential Path Traversal Detected!')
    else:
        print('No Path Traversal Detected.')
Exploit status:
EPSS: 0.48% (65th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2025-6772 is to immediately upgrade db-gpt to version 0.7.3 or later, which contains the fix. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict file upload directories and implement strict input validation on the 'File' argument to prevent path traversal attempts. Employ a Web Application Firewall (WAF) with rules to block requests containing suspicious path traversal sequences. Monitor system logs for unusual file access patterns or attempts to access files outside of expected directories. After upgrading, verify the fix by attempting to access a file outside the intended import directory and confirming access is denied.
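The "strict input validation on the 'File' argument" recommended above is easy to get wrong if it is done on the raw string (blocklisting "../" misses percent-encoded and symlinked variants). The following is an added example, not db-gpt's own code: it resolves the client-supplied value against the import directory and checks containment on the canonical path. The function names, the import directory and the assumption that the value arrives percent-encoded as on the wire are all hypothetical.

```python
import os
import urllib.parse
from pathlib import Path


class UnsafePathError(ValueError):
    """Raised when a client-supplied file name would leave the import directory."""


def resolve_import_path(import_dir: str, user_value: str) -> Path:
    """Map a client-supplied 'File' value onto a path inside import_dir.

    Assumed contract (hypothetical, not db-gpt's own API): a client may only
    name a file that lives under import_dir; anything else is rejected.
    """
    # Decode percent-encoding once so '%2e%2e/' is judged like '../'.
    # Assumption: the value arrives as sent on the wire; if the web framework
    # already decodes form fields, drop this line to avoid double decoding.
    decoded = urllib.parse.unquote(user_value)
    if "\x00" in decoded:
        raise UnsafePathError("NUL byte in file name")
    # Absolute paths are refused up front: joining them would discard import_dir.
    if os.path.isabs(decoded) or decoded.startswith(("/", "\\")):
        raise UnsafePathError("absolute paths are not allowed")
    base = Path(import_dir).resolve()
    # resolve() collapses '..' segments and follows symlinks, so the containment
    # check below runs on the canonical location, not on the raw string.
    candidate = (base / decoded).resolve()
    if candidate == base or not candidate.is_relative_to(base):
        raise UnsafePathError(f"path escapes import directory: {user_value!r}")
    return candidate


def is_safe_import_name(import_dir: str, user_value: str) -> bool:
    """Boolean wrapper for callers that only need accept/reject."""
    try:
        resolve_import_path(import_dir, user_value)
        return True
    except UnsafePathError:
        return False


if __name__ == "__main__":
    demo_dir = "/tmp/dbgpt_imports"  # constructed example path
    for name in ["flow.json", "sub/../flow.json", "../../../../etc/passwd",
                 "%2e%2e/%2e%2e/etc/passwd", "/etc/passwd", ""]:
        verdict = "accept" if is_safe_import_name(demo_dir, name) else "reject"
        print(f"{name!r:32} -> {verdict}")
```

The check is deliberately an allow-rule (the resolved path must stay under the base) rather than a deny-rule on suspicious substrings; "sub/../flow.json" is accepted because it canonicalises to a file inside the directory, while the empty string and "." are rejected because they resolve to the directory itself. Python 3.9 or later is assumed for Path.is_relative_to.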
Update db-gpt to a version later than 0.7.2 that fixes the path traversal vulnerability. Check the release notes or changelog for more details on the fix. If no fixed version is available, consider disabling or removing the import_flow function until an update is released.
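Until the upgrade is in place, the log monitoring and WAF rules recommended above need a definition of "suspicious path traversal sequence" that survives encoding tricks. This added example (not part of the advisory or of db-gpt) scans web-server access-log lines for the import endpoint and flags request targets that contain a ".." segment after percent-decoding. The log lines, IP addresses and file names are constructed; only the endpoint path comes from the advisory's proof-of-concept.

```python
import re
import urllib.parse

# Constructed sample access-log lines (combined log format), not real traffic.
# The endpoint path is the one shown in the advisory; IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.10 - - [27/Jun/2025:10:15:01 +0000] "POST /api/v2/serve/awel/flow/import HTTP/1.1" 200 512
203.0.113.10 - - [27/Jun/2025:10:15:07 +0000] "POST /api/v2/serve/awel/flow/import?File=../../../../etc/passwd HTTP/1.1" 200 1893
198.51.100.7 - - [27/Jun/2025:10:16:22 +0000] "GET /api/v2/serve/awel/flow/import?File=%2e%2e%2f%2e%2e%2fapp%2fconfig.toml HTTP/1.1" 403 0
198.51.100.7 - - [27/Jun/2025:10:16:30 +0000] "GET /api/v2/serve/awel/flow/import?File=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 77
192.0.2.5 - - [27/Jun/2025:10:17:00 +0000] "GET /static/app.js HTTP/1.1" 200 4021
192.0.2.5 - - [27/Jun/2025:10:17:05 +0000] "GET /api/v2/serve/awel/flow/import?File=reports..2025.json HTTP/1.1" 200 300
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
IMPORT_ENDPOINT = "/api/v2/serve/awel/flow/import"


def canonicalize(value: str, max_rounds: int = 3) -> str:
    """Undo up to max_rounds of percent-encoding and unify path separators, so
    '../', '%2e%2e/', '%252e%252e%252f' and '..\\' all compare equal."""
    for _ in range(max_rounds):
        decoded = urllib.parse.unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")


def has_traversal(target: str) -> bool:
    """True when the request target contains a '..' path segment after canonicalisation.
    A whole segment is required, so a file name like 'reports..2025.json' is not flagged."""
    canon = canonicalize(target)
    return bool(re.search(r"(?:^|[/?=&])\.\.(?:/|$|[?&])", canon))


def find_traversal_attempts(log_text: str) -> list:
    """Return one record per log line whose request target carries a traversal sequence."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a production scanner would count these
        target = m.group("target")
        if not has_traversal(target):
            continue
        hits.append({
            "line": lineno,
            "ip": m.group("ip"),
            "status": int(m.group("status")),
            "import_endpoint": target.split("?", 1)[0] == IMPORT_ENDPOINT,
            "decoded_target": canonicalize(target),
        })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_attempts(SAMPLE_LOG):
        where = "import endpoint" if hit["import_endpoint"] else "other path"
        print(f"line {hit['line']}: {hit['ip']} {hit['status']} {where} {hit['decoded_target']}")
```

Two caveats for using this in practice: a 403 on a flagged line means the WAF or server already blocked the request, whereas a 200 with a sizeable response body is the line worth investigating; and if the 'File' argument is sent in a POST body rather than the query string, the access log never sees it, so the same check has to run on application-level request logging.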
CVE-2025-6772 is a critical Path Traversal vulnerability in db-gpt versions 0.7.0–0.7.2, allowing attackers to read arbitrary files by manipulating the 'File' argument in the import_flow function.
You are affected if you are using db-gpt versions 0.7.0, 0.7.1, or 0.7.2. Upgrade to 0.7.3 or later to mitigate the risk.
The recommended fix is to upgrade to db-gpt version 0.7.3 or later. Temporary workarounds include restricting access to the import endpoint and implementing strict input validation.
While no active exploitation has been confirmed, the vulnerability has been publicly disclosed, increasing the likelihood of exploitation.
Refer to the db-gpt project's official channels (e.g., GitHub repository, mailing list) for the latest advisory and updates regarding CVE-2025-6772.