Platform
python
Component
openchatbi
Opgelost in
0.2.3
0.2.2
CVE-2026-28795 describes a critical Path Traversal vulnerability within the save_report tool of openchatbi. This flaw allows attackers to manipulate file paths, potentially writing files to arbitrary locations on the system. The vulnerability affects versions of openchatbi up to and including 0.2.1, and a fix is available in version 0.2.2.
The core issue lies in the insufficient sanitization of the fileformat parameter within the savereport.py script. While leading dots are stripped, malicious path traversal sequences like /../../ are not adequately handled. Consequently, when constructing the filename, these sequences are preserved, enabling attackers to bypass intended directory restrictions. An attacker could leverage this to overwrite critical system files, inject malicious code, or gain unauthorized access to sensitive data. The potential impact extends beyond simple file manipulation; successful exploitation could lead to complete system compromise.
This vulnerability was publicly disclosed on 2026-03-02. There are currently no known public exploits or active campaigns targeting this vulnerability. The CVSS score of 7.5 (HIGH) indicates a significant risk, and it is recommended to prioritize remediation. No KEV listing at this time.
Organizations deploying openchatbi, particularly those using older versions (≤0.2.1) or those with insufficient file access controls, are at significant risk. Shared hosting environments where multiple users have write access to the same directory are especially vulnerable.
• python / file system:
import os
import glob
report_dir = '/path/to/openchatbi/reports'
pattern = os.path.join(report_dir, '*.*')
# Check for unexpected files outside the report directory
for file in glob.glob(pattern):
if not file.startswith(report_dir): # Basic check - refine as needed
print(f"Potential path traversal: {file}")• generic web:
curl 'http://your-openchatbi-instance/tool/save_report?file_format=../../../../etc/passwd' -s | grep 'etc/passwd'disclosure
Exploit Status
EPSS
0.08% (23% percentiel)
CISA SSVC
The primary mitigation is to upgrade to openchatbi version 0.2.2 or later, which includes the necessary input sanitization fixes. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests containing suspicious path traversal sequences in the file_format parameter. Additionally, restrict write access to the report directory to only the necessary user accounts. Regularly review and audit the application's file handling logic to identify and address potential vulnerabilities.
Actualiseer OpenChatBI naar versie 0.2.2 of hoger. Deze versie bevat de correctie voor de path traversal vulnerability in de save_report tool. De update kan worden uitgevoerd via de package manager die gebruikt is om OpenChatBI te installeren.
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
CVE-2026-28795 is a Path Traversal vulnerability in openchatbi versions up to 0.2.1, allowing attackers to write files outside the intended report directory.
You are affected if you are using openchatbi version 0.2.1 or earlier. Check your version and upgrade immediately.
Upgrade to openchatbi version 0.2.2 or later to resolve the vulnerability. Consider WAF rules as a temporary mitigation.
There are currently no known active exploits or campaigns targeting CVE-2026-28795, but the HIGH severity warrants prompt remediation.
Refer to the openchatbi project's official repository or website for the latest security advisories and release notes.
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.
Upload je requirements.txt-bestand en we vertellen je direct of je getroffen bent.