CVE-2025-6280: Path Traversal in TransformerOptimus SuperAGI
A vulnerability, which was classified as critical, was found in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function download_attachment of the file SuperAGI/superagi/helper/read_email.py of the component EmailToolKit. The manipulation of the argument filename leads to path traversal. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-6280 is a path traversal vulnerability identified in TransformerOptimus SuperAGI versions up to 0.0.14, specifically within the download_attachment function of the SuperAGI/superagi/helper/read_email.py file, part of the EmailToolKit component. The vulnerability arises from improper validation or sanitization of the filename argument, allowing an attacker to manipulate this input to traverse directories outside the intended file path. This can lead to unauthorized access to arbitrary files on the host system. The vulnerability is classified as medium severity with a CVSS 4.0 score of 5.1, indicating a moderate risk level. The attack vector is adjacent network (AV:A), with low attack complexity (AC:L), low privileges required (PR:L), and no user interaction (UI:N). The impact affects confidentiality, integrity, and availability to a limited extent (VC:L, VI:L, VA:L). Beyond that low-privilege requirement, the vector records no scope or security-requirement changes. Although no public exploits are currently known in the wild, the vulnerability has been publicly disclosed, increasing the risk of exploitation. The path traversal flaw could allow attackers to read sensitive files, potentially exposing credentials, configuration files, or other critical data, which could be leveraged for further attacks or lateral movement within the network. Given that the vulnerability exists in an email toolkit component, it may be triggered through crafted email attachments or related mechanisms, increasing the attack surface in environments where SuperAGI is used for email automation or processing. The affected versions span from 0.0.1 through 0.0.14, indicating that all currently released versions up to 0.0.14 are vulnerable. No patches or fixes have been linked yet, so mitigation relies on workarounds or restricting access to vulnerable components.
Potential Impact
For European organizations, the impact of CVE-2025-6280 depends on the adoption of TransformerOptimus SuperAGI, particularly in environments leveraging its EmailToolKit for automation or email processing tasks. Successful exploitation could lead to unauthorized disclosure of sensitive files, including internal documents, credentials, or system configurations, compromising confidentiality. Integrity and availability impacts are limited but possible if attackers modify or delete files accessed via path traversal. This could disrupt business operations or lead to data tampering. Organizations in sectors with high reliance on email automation, such as finance, healthcare, and critical infrastructure, may face increased risk due to the potential exposure of sensitive information. Additionally, attackers could use the vulnerability as a foothold for further lateral movement or privilege escalation within corporate networks. The medium CVSS score suggests moderate urgency, but the public disclosure and lack of patches increase the risk profile. Given the vulnerability requires no user interaction and low privileges, it could be exploited by insiders or remote attackers with adjacent network access, such as within corporate LANs or VPNs. This makes internal network segmentation and access controls critical. The absence of known exploits in the wild currently limits immediate widespread impact, but proactive mitigation is recommended to prevent future exploitation.
Mitigation Recommendations
1. Restrict network access to the SuperAGI EmailToolKit component, limiting it to trusted internal networks and users only, to reduce the attack surface.
2. Implement strict input validation and sanitization on the filename parameter in the download_attachment function to prevent path traversal sequences (e.g., '..', absolute paths). If source code modification is possible, apply patches or code fixes to enforce safe file path handling.
3. Monitor logs for suspicious access patterns or attempts to access unauthorized file paths via the EmailToolKit.
4. Employ application-layer firewalls or runtime application self-protection (RASP) tools to detect and block path traversal attempts targeting SuperAGI.
5. If patching is not immediately available, consider disabling or isolating the vulnerable EmailToolKit functionality until a fix is released.
6. Conduct internal audits to identify all instances of SuperAGI deployment and verify version levels to prioritize remediation.
7. Educate internal teams about the vulnerability and encourage vigilance for unusual system behavior or file access anomalies.
8. Use network segmentation to isolate systems running SuperAGI from sensitive data repositories to limit potential impact.
9. Regularly update and review access control policies to ensure least privilege principles are enforced for users and services interacting with SuperAGI.
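To make recommendation 2 concrete, the following added example (not SuperAGI's code; ATTACHMENT_DIR, safe_attachment_path and the helper names are assumptions) shows the naive join that lets an attachment filename escape its directory beside a containment check that resolves the path and verifies it stays inside the base directory, which a plain string-prefix check does not guarantee.

```python
# Added example, not taken from SuperAGI: contrasting an unsafe join with a
# contained attachment path of the kind mitigation 2 above describes.
import os
from pathlib import Path, PurePosixPath

# Constructed base directory for saved attachments (need not exist on disk).
ATTACHMENT_DIR = "/tmp/superagi_attachments"


class UnsafeAttachmentName(ValueError):
    """Raised when an attachment filename would escape ATTACHMENT_DIR."""


def unsafe_attachment_path(base_dir: str, filename: str) -> str:
    # The vulnerable pattern, kept for contrast: os.path.join keeps the
    # base_dir prefix textually, so a startswith() check passes, yet
    # "../../etc/passwd" still resolves outside base_dir and an absolute
    # filename replaces base_dir entirely.
    return os.path.join(base_dir, filename)


def safe_attachment_path(base_dir: str, filename: str) -> str:
    """Return a path strictly inside base_dir for an untrusted attachment name."""
    base = Path(base_dir).resolve()
    # Keep only the final path component, treating both separator styles
    # as separators, and reject empty, dot-only or NUL-containing names.
    name = PurePosixPath(filename.replace("\\", "/")).name
    if name in ("", ".", "..") or "\x00" in name:
        raise UnsafeAttachmentName(f"rejected attachment name: {filename!r}")
    candidate = (base / name).resolve()
    # Defence in depth: after resolving symlinks, the file must still sit
    # directly in base (a symlink inside base pointing elsewhere fails here).
    if candidate.parent != base:
        raise UnsafeAttachmentName(f"path escapes attachment dir: {filename!r}")
    return str(candidate)


def is_contained(base_dir: str, path: str) -> bool:
    """True if path, once resolved, lies inside base_dir (used to audit results)."""
    base = Path(base_dir).resolve()
    try:
        Path(path).resolve().relative_to(base)
        return True
    except ValueError:
        return False
```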
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Belgium, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-06-19T06:55:34.431Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 685481c97ff74dad36a06f26
Added to database: 6/19/2025, 9:31:53 PM
Last enriched: 6/19/2025, 9:46:55 PM
Last updated: 8/3/2025, 12:40:52 PM