Platform: python
Component: db-gpt
Fixed in: 0.7.1, 0.7.2, 0.7.3
CVE-2025-6772 is a critical Path Traversal vulnerability affecting db-gpt versions 0.7.0 through 0.7.2. This flaw allows attackers to potentially read sensitive files on the system by manipulating the 'File' argument within the import_flow function. The vulnerability has been publicly disclosed and is exploitable remotely, posing a significant risk to deployments using affected versions. A fix is available in version 0.7.3.
The core of this vulnerability lies in the import_flow function within the /api/v2/serve/awel/flow/import endpoint. An attacker can craft a malicious request that exploits the lack of proper input validation on the 'File' argument. By providing a specially crafted filename containing path traversal sequences (e.g., ../../../../etc/passwd), the attacker can bypass intended access controls and read files outside of the intended directory. This could expose sensitive configuration files, source code, or even system credentials. The remote nature of the vulnerability means an attacker does not need local access to exploit it, significantly expanding the potential attack surface.
This vulnerability has been publicly disclosed, increasing the likelihood of exploitation. No specific KEV listing or EPSS score is currently available. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature and public disclosure. The vulnerability was published on 2025-06-27.
Exploit Status
EPSS: 0.48% (65th percentile)
CISA SSVC: not listed
CVSS Vector: not listed
The primary mitigation for CVE-2025-6772 is to immediately upgrade to db-gpt version 0.7.3 or later, which includes the necessary fix. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict access to the /api/v2/serve/awel/flow/import endpoint to trusted sources only. Implement strict input validation on the 'File' argument, ensuring it only accepts expected filenames and paths. Consider using a Web Application Firewall (WAF) with rules to detect and block path traversal attempts. Monitor system logs for suspicious activity related to file access and the import endpoint.
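As an added illustration of the "strict input validation" workaround above (this is not db-gpt's code and not the project's actual 0.7.3 fix), the following Python places the vulnerable join-and-trust pattern next to a hardened resolver that only accepts a bare file name, resolves symlinks and `..`, and verifies the result is still inside the import directory. The names resolve_unsafe, resolve_safe, is_contained, demo and UnsafePathError, the `.json` extension allowlist, and the temporary import directory are assumptions made for the example.

```python
"""Added example (not db-gpt's code): containment check for a user-supplied
filename before it is opened under an import directory.

All names here (resolve_unsafe, resolve_safe, is_contained, demo,
UnsafePathError) and the .json allowlist are assumptions for illustration.
"""
import os
import tempfile
from pathlib import Path


class UnsafePathError(ValueError):
    """Raised when a supplied filename would escape the import directory."""


def resolve_unsafe(base_dir: str, filename: str) -> str:
    """The vulnerable pattern: join the caller-controlled name onto the base
    directory and trust the result. '..' segments are honoured, so the path
    can leave base_dir. Kept only to contrast with resolve_safe."""
    return os.path.normpath(os.path.join(base_dir, filename))


def resolve_safe(base_dir: str, filename: str) -> Path:
    """Hardened version: accept a single plain file name, resolve it, and
    verify the fully resolved path is still inside the resolved base_dir."""
    if not filename or filename in {".", ".."}:
        raise UnsafePathError("empty or relative-only filename")
    # A flow import should be one file name; separators and NUL are rejected.
    if any(ch in filename for ch in ("/", "\\", "\x00")):
        raise UnsafePathError(f"path separators not allowed: {filename!r}")
    # Extension allowlist (assumed for this example; adjust to the real format).
    if Path(filename).suffix.lower() != ".json":
        raise UnsafePathError(f"unexpected extension: {filename!r}")
    base = Path(base_dir).resolve()
    candidate = (base / filename).resolve()
    # Compare resolved paths so a symlink inside base cannot point outside it.
    if os.path.commonpath([str(base), str(candidate)]) != str(base):
        raise UnsafePathError(f"escapes import directory: {filename!r}")
    return candidate


def is_contained(base_dir: str, filename: str) -> bool:
    """True if resolve_safe accepts the name, False if it rejects it."""
    try:
        resolve_safe(base_dir, filename)
        return True
    except UnsafePathError:
        return False


def demo() -> dict:
    """Constructed scenario: a temporary import directory with one legitimate
    flow file and one symlink pointing outside it. Returns how each helper
    treats benign and hostile names."""
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "imports")
        os.mkdir(base)
        Path(base, "my_flow.json").write_text("{}")
        outside = Path(tmp, "secret.txt")
        outside.write_text("not an import")
        symlink_rejected = None  # None if the platform refuses to create symlinks
        try:
            os.symlink(outside, Path(base, "link.json"))
            symlink_rejected = not is_contained(base, "link.json")
        except OSError:
            pass
        traversal = "../../../../etc/passwd"  # the sequence cited in the advisory
        unsafe_result = resolve_unsafe(base, traversal)
        return {
            "benign_ok": is_contained(base, "my_flow.json"),
            "traversal_rejected": not is_contained(base, traversal),
            "unsafe_left_base": not unsafe_result.startswith(base),
            "separator_rejected": not is_contained(base, "sub/flow.json"),
            "symlink_rejected": symlink_rejected,
        }


if __name__ == "__main__":
    print(demo())
```

The resolved-path comparison is the part that matters: rejecting `..` and separators alone is not enough when a symlink under the import directory already points elsewhere, and resolving before comparing catches that case too. Rejected names are also a useful thing to log, since they are exactly what the "monitor system logs" advice above is looking for.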
Update db-gpt to a version later than 0.7.2 that corrects the path traversal vulnerability. Consult the release notes or changelog for further details on the fix. If no fixed version is available, consider disabling or removing the import_flow function until an update is released.
CVE-2025-6772 is a critical Path Traversal vulnerability in db-gpt versions 0.7.0–0.7.2, allowing attackers to read arbitrary files by manipulating the 'File' argument in the import_flow function.
You are affected if you are using db-gpt versions 0.7.0, 0.7.1, or 0.7.2. Upgrade to 0.7.3 or later to mitigate the risk.
The recommended fix is to upgrade to db-gpt version 0.7.3 or later. Temporary workarounds include restricting access to the import endpoint and implementing strict input validation.
While no active exploitation has been confirmed, the vulnerability has been publicly disclosed, increasing the likelihood of exploitation.
Refer to the db-gpt project's official channels (e.g., GitHub repository, mailing list) for the latest advisory and updates regarding CVE-2025-6772.