CRITICAL · CVE-2024-10902 · CVSS 9.1

DB-GPT arbitrary file upload vulnerability via path traversal

Platform: python

Component: dbgpt

Fixed version: 0.6.1

AI Confidence: high · NVD · EPSS 3.3% · Reviewed: May 2026

CVE-2024-10902 is a critical Path Traversal vulnerability affecting versions of eosphoros-ai/db-gpt up to and including v0.6.0. This flaw allows attackers to upload arbitrary files to the server's file system, potentially leading to remote code execution. The vulnerability resides within the POST /v1/personal/agent/upload web API endpoint and requires immediate attention to prevent exploitation.


Impact and attack scenarios

The primary impact of CVE-2024-10902 is the ability for an attacker to upload arbitrary files to the server. This is a severe risk because it can be leveraged for remote code execution (RCE). Specifically, the description highlights the possibility of writing a malicious `__init__.py` file into the Python /site-packages/ directory, which would execute upon import. This could grant the attacker complete control over the affected system. The path traversal aspect means the attacker isn't limited to a specific upload directory; they can choose any location on the file system, significantly expanding the potential damage. Successful exploitation could lead to data breaches, system compromise, and denial of service.

Exploitation context

CVE-2024-10902 was publicly disclosed on 2025-03-20. The vulnerability's severity is rated as CRITICAL (CVSS 9.1). There is no indication of it being added to the CISA KEV catalog at this time. The potential for RCE makes this a high-priority vulnerability. Public proof-of-concept (POC) code is currently unknown, but the ease of path traversal exploitation suggests that POCs may emerge quickly.

Who is at risk

Organizations deploying eosphoros-ai/db-gpt in production environments, particularly those using it for sensitive data processing or AI-driven applications, are at significant risk. Environments with weak file upload validation or inadequate access controls are especially vulnerable. Shared hosting environments where multiple users share the same server resources are also at increased risk.

Detection steps

• python / server:

Get-ChildItem -Path "C:\path\to\db-gpt\uploads" -Recurse -Filter "*.py"

• generic web:

curl -I -X POST -F "file=@malicious_file.py" http://<target>/v1/personal/agent/upload | grep 'Location:'

Attack timeline

  1. Disclosure

Threat intelligence

Exploitation status

Proof of concept: unknown
CISA KEV: no
Internet exposure: (not stated)

EPSS

3.26% (87th percentile)

CISA SSVC

Exploitation: poc
Automatable: yes
Technical impact: partial

CVSS vector

Threat intelligence · CVSS 3.1
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Base score: 9.1 CRITICAL

Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit the vulnerability)
Privileges Required: None (authentication level required for the attack)
User Interaction: None (whether the victim must take an action)
Scope: Unchanged (impact beyond the affected component)
Confidentiality: None (risk of sensitive data disclosure)
Integrity: High (risk of unauthorized data modification)
Availability: High (risk of service disruption)
nextguardhq.com · CVSS v3.1 base score

What do these metrics mean?
Attack Vector
Network: exploitable remotely over the internet with no physical or local access required. Largest attack surface.
Attack Complexity
Low: no special conditions are needed; the vulnerability can be exploited reliably.
Privileges Required
None: no authentication is needed; the flaw can be exploited without credentials.
User Interaction
None: the attack is automatic and silent; the victim need not do anything.
Scope
Unchanged: the impact is confined to the vulnerable component itself.
Confidentiality
None: no confidentiality impact.
Integrity
High: the attacker can write, modify or delete any data.
Availability
High: complete crash or resource exhaustion, total denial of service.

Affected software

Component: dbgpt
Vendor: osv

Affected range | Fixed version
unspecified – latest |
0.6.0 | 0.6.1

Weakness classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated
Not fixed: 430 days since disclosure

Mitigations and workarounds

The primary mitigation for CVE-2024-10902 is to upgrade to a patched version of eosphoros-ai/db-gpt. Unfortunately, a fixed version is not specified in the provided data. As a temporary workaround, implement strict file upload validation on the POST /v1/personal/agent/upload endpoint. This should include whitelisting allowed file extensions and rigorously validating the file path to prevent traversal attempts. Consider using a Web Application Firewall (WAF) with rules to block suspicious file uploads and path manipulation attempts. Regularly scan the file system for unexpected or unauthorized files. After applying mitigations, verify the upload endpoint's security by attempting to upload a file with a deliberately malicious path.
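The file-name and path validation the paragraph above calls for, written out as an added example; this is not DB-GPT project code and does not reproduce the vulnerable handler. It places the weak pattern (joining the client-supplied name straight onto the upload directory) next to a hardened check that keeps only the final path component, allow-lists extensions, and confirms the resolved target still sits directly under the upload root. The upload root, the allow-list and every function name here are assumptions made for the example.

```python
"""
Added example, not DB-GPT project code: a hardened target-path check for an
upload endpoint (extension allow-list plus path validation).  UPLOAD_ROOT,
ALLOWED_EXTENSIONS and all function names are assumptions for this example.
"""
import re
from pathlib import Path, PurePosixPath, PureWindowsPath

UPLOAD_ROOT = "/srv/dbgpt/uploads"                    # assumed upload directory
ALLOWED_EXTENSIONS = {".txt", ".csv", ".md", ".pdf"}  # assumed allow-list: no .py
# Conservative file-name grammar: must start with a letter or digit, so names
# such as '..', '.env' or '__init__.py' never pass.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


class UnsafeUploadName(ValueError):
    """Raised when a client-supplied file name fails validation."""


def naive_target_path(upload_root: str, client_filename: str) -> Path:
    """The weak pattern: the client-supplied name is joined onto the upload
    root unchanged, so a name containing '..' walks out of the directory.
    Shown only so the hardened version below can be compared against it."""
    return Path(upload_root) / client_filename


def naive_join_stays_inside(upload_root: str, client_filename: str) -> bool:
    """True if the naive join, after resolving '..', is still under the root."""
    root = Path(upload_root).resolve()
    candidate = naive_target_path(upload_root, client_filename).resolve()
    return root in candidate.parents


def safe_target_path(upload_root: str, client_filename: str) -> Path:
    """Return a path strictly inside upload_root or raise UnsafeUploadName."""
    # 1. Keep only the last path component for both POSIX and Windows
    #    separators: 'a/../b.txt', 'C:\\x\\b.txt' and '..\\b.txt' -> 'b.txt'.
    name = PureWindowsPath(PurePosixPath(client_filename).name).name
    # 2. Reject empty, dot-only or otherwise suspicious names ('..' included).
    if not name or name in {".", ".."} or not _SAFE_NAME.match(name):
        raise UnsafeUploadName(f"rejected file name: {client_filename!r}")
    # 3. Allow-list the extension; importable or executable types never pass.
    if Path(name).suffix.lower() not in ALLOWED_EXTENSIONS:
        raise UnsafeUploadName(f"extension not allowed: {name!r}")
    # 4. Defence in depth: resolve symlinks and '..', then require the final
    #    path's parent to be exactly the upload root.
    root = Path(upload_root).resolve()
    target = (root / name).resolve()
    if target.parent != root:
        raise UnsafeUploadName("resolved path escaped the upload root")
    return target


def accepted(upload_root: str, client_filename: str) -> bool:
    """Convenience wrapper: would the hardened check accept this name?"""
    try:
        safe_target_path(upload_root, client_filename)
        return True
    except UnsafeUploadName:
        return False


if __name__ == "__main__":
    # Constructed sample names, covering traversal, a Python module name,
    # a dot-only name and a Windows-style path.
    samples = ["report.csv", "../../tmp/evil.py", "__init__.py", "..", "C:\\x\\data.txt"]
    for candidate in samples:
        print(f"{candidate!r:24} naive join stays inside: "
              f"{naive_join_stays_inside(UPLOAD_ROOT, candidate)!s:5}  "
              f"hardened check accepts: {accepted(UPLOAD_ROOT, candidate)}")
```

Two design points are worth noting. The containment check alone (step 4) is not enough: `__init__.py` stays inside the upload directory and would pass it, so the extension allow-list and name grammar do the real work against the scenario this advisory describes. Conversely, because only the final component is kept, a traversal name such as `../../tmp/x.txt` is silently stored as `x.txt` under the root; a deployment that prefers to reject such requests outright rather than normalise them can raise on any separator in the raw name before step 1.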

Remediation

Upgrade to a patched version of db-gpt that fixes the arbitrary file upload and path traversal vulnerability. See the release notes or the vendor's website for specific upgrade instructions. As an interim measure, restrict access to the `/v1/personal/agent/upload` API until the upgrade can be applied.


Frequently asked questions

What is CVE-2024-10902 — Path Traversal in db-gpt?

CVE-2024-10902 is a critical vulnerability in eosphoros-ai/db-gpt versions up to v0.6.0 that allows attackers to upload arbitrary files due to a lack of proper path validation.

Am I affected by CVE-2024-10902 in db-gpt?

You are affected if you are using eosphoros-ai/db-gpt version 0.6.0 or earlier. Immediate action is required to mitigate the risk.

How do I fix CVE-2024-10902 in db-gpt?

Upgrade to a patched version of db-gpt. As no fixed version is specified, implement strict file upload validation and consider using a WAF as temporary mitigations.

Is CVE-2024-10902 being actively exploited?

There is currently no confirmed information about active exploitation, but the vulnerability's severity and ease of exploitation suggest it could be targeted soon.

Where can I find the official db-gpt advisory for CVE-2024-10902?

Refer to the eosphoros-ai project's official channels (GitHub repository, website) for updates and advisories related to CVE-2024-10902.
