transformeroptimus/superagi 中的路径遍历漏洞

该路径遍历漏洞的潜在影响非常严重。攻击者可以利用此漏洞上传恶意文件，例如webshell，从而获得服务器的控制权。此外，攻击者还可以覆盖服务器上的重要文件，导致数据丢失或系统崩溃。由于SuperAGI可能用于处理敏感数据，因此该漏洞可能导致数据泄露和隐私泄露。攻击者可能利用此漏洞进行横向移动，攻击其他连接到同一网络的系统。该漏洞的爆发范围取决于SuperAGI的部署环境和权限。

Organizations deploying SuperAGI, particularly those using the 0.0.14 version or earlier, are at risk. Shared hosting environments where SuperAGI is deployed alongside other applications are particularly vulnerable, as a successful exploit could potentially compromise other tenants on the same server. Users who have not implemented robust file upload validation and access controls are also at increased risk.

• python / server:

import os
import glob

# Check for unusual files in the upload directory
upload_dir = '/path/to/superagi/uploads/'
for file in glob.glob(upload_dir + '*'):
    if '..' in file or '../' in file:
        print(f'Potential Path Traversal: {file}')

• linux / server:

# Check for files outside the intended upload directory
find /path/to/superagi/uploads/ -type f -not -path '/path/to/superagi/uploads/*'

• generic web:

curl -I 'http://your-superagi-server/uploads/../../../../etc/passwd' # Check for directory traversal attempts

1. 2025-03-20Disclosure

   disclosure

1. 已保留2024-10-01
2. 发布日期2025-03-20
3. EPSS 更新日期2026-04-02

由于没有提供固定的版本，建议立即采取以下缓解措施。首先，限制文件上传功能的可访问性，仅允许授权用户上传文件。其次，实施严格的文件类型验证，只允许上传预期的文件类型。第三，使用Web应用防火墙（WAF）或代理服务器来过滤恶意文件上传请求。第四，定期审查服务器上的文件，查找可疑文件。最后，监控SuperAGI的日志，查找异常活动。升级到修复版本是最终解决方案，请密切关注官方更新。