CVE-2025-6772: Path Traversal in eosphoros-ai db-gpt
Description
A vulnerability was found in eosphoros-ai db-gpt up to 0.7.2. It has been classified as critical. Affected is the function import_flow of the file /api/v2/serve/awel/flow/import. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-6772 is a path traversal vulnerability identified in the eosphoros-ai db-gpt product, specifically affecting versions 0.7.0, 0.7.1, and 0.7.2. The vulnerability resides in the import_flow function within the /api/v2/serve/awel/flow/import endpoint. An attacker can manipulate the 'File' argument to perform a path traversal attack, allowing unauthorized access to files outside the intended directory structure. This vulnerability can be exploited remotely without requiring any authentication or user interaction, increasing the risk of exploitation. The vulnerability has a CVSS 4.0 base score of 6.9, categorized as medium severity, with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is rated as low to medium, indicating that while the attacker can access files outside the intended scope, the overall damage potential is somewhat limited by the nature of the accessible files and the scope of the application. No public exploits are currently known to be in the wild, but the exploit details have been disclosed publicly, which may increase the risk of future exploitation. No patches or fixes have been linked yet, so affected users should monitor vendor communications closely for updates.
Potential Impact
For European organizations using eosphoros-ai db-gpt versions up to 0.7.2, this vulnerability poses a risk of unauthorized file access, potentially exposing sensitive configuration files, credentials, or other critical data stored on the server. This could lead to information disclosure, which may facilitate further attacks such as privilege escalation or lateral movement within the network. Given that the vulnerability can be exploited remotely without authentication, attackers could target exposed instances over the internet or internal networks. The impact is particularly significant for organizations handling sensitive or regulated data, such as financial institutions, healthcare providers, or government agencies, where data confidentiality and integrity are paramount. Additionally, exploitation could disrupt operations if critical files are accessed or modified, affecting availability indirectly. The medium CVSS score reflects a moderate risk, but the ease of exploitation and lack of required privileges elevate the threat level. Organizations in Europe must consider the regulatory implications of data breaches under GDPR and other data protection laws, which could result in legal and financial penalties.
Mitigation Recommendations
1. Immediate mitigation should include restricting access to the vulnerable import_flow endpoint by implementing network-level controls such as IP whitelisting or VPN-only access to reduce exposure.
2. Employ web application firewalls (WAFs) with custom rules to detect and block path traversal patterns in the 'File' parameter.
3. Conduct a thorough audit of all instances running affected versions and isolate them from public networks until patched.
4. Monitor logs for suspicious requests targeting the /api/v2/serve/awel/flow/import endpoint, focusing on unusual file path patterns or repeated access attempts.
5. Implement strict input validation and sanitization on the server side to ensure that file path parameters cannot include traversal sequences (e.g., '../').
6. Engage with the vendor or community to obtain patches or updates as soon as they become available and prioritize timely deployment.
7. As a longer-term measure, consider deploying runtime application self-protection (RASP) solutions to detect and prevent exploitation attempts dynamically.
8. Educate development and security teams about secure coding practices to prevent similar vulnerabilities in future releases.
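The following Python example illustrates mitigation items 4 and 5 above: a server-side containment check that resolves the user-supplied file name against a base directory and rejects anything that escapes it, plus a small log scanner that flags requests to the import endpoint whose target contains a traversal sequence. This is an added illustration, not code from db-gpt or from the advisory; the import root directory, the log format, the placement of the file name in the request line and the log lines themselves are constructed assumptions.

```python
"""Containment check and log-based detection for a file-import endpoint.

Added example; not db-gpt's own code.  IMPORT_ROOT, ENDPOINT placement of
the parameter and SAMPLE_LOG are constructed assumptions.
"""
import re
from pathlib import Path
from typing import Dict, List
from urllib.parse import unquote

# Hypothetical directory in which imported flow files are allowed to live.
IMPORT_ROOT = Path("/var/lib/dbgpt/flows")
ENDPOINT = "/api/v2/serve/awel/flow/import"


def resolve_import_path(user_file: str, root: Path = IMPORT_ROOT) -> Path:
    """Return the absolute path under `root` for `user_file`, or raise ValueError.

    Instead of stripping '../' substrings (bypassable, e.g. '....//'), the
    name is percent-decoded once, joined to the root, fully resolved (which
    collapses '..' and follows symlinks) and then checked to still lie
    inside the resolved root.
    """
    if not user_file:
        raise ValueError("empty file name")
    decoded = unquote(user_file)
    if "\x00" in decoded:
        raise ValueError("NUL byte in file name")
    root_resolved = root.resolve()
    # An absolute `decoded` replaces `root` in the join, so it is caught below.
    candidate = (root_resolved / decoded).resolve()
    try:
        candidate.relative_to(root_resolved)
    except ValueError:
        raise ValueError(f"path escapes import root: {user_file!r}") from None
    return candidate


def is_safe_import_name(user_file: str, root: Path = IMPORT_ROOT) -> bool:
    """Boolean wrapper around resolve_import_path for callers that only need a verdict."""
    try:
        resolve_import_path(user_file, root)
        return True
    except ValueError:
        return False


# Common Log Format line: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Traversal markers, matched after one round of percent-decoding.
TRAVERSAL_RE = re.compile(r"\.\./|\.\.\\")

# Constructed sample log lines (not real traffic); the `file` query parameter
# is an assumption about where the name would appear in a request line.
SAMPLE_LOG = """\
10.0.0.5 - - [27/Jun/2025:18:39:27 +0000] "POST /api/v2/serve/awel/flow/import HTTP/1.1" 200 512
10.0.0.9 - - [27/Jun/2025:18:40:01 +0000] "POST /api/v2/serve/awel/flow/import?file=../../../../etc/passwd HTTP/1.1" 200 1024
10.0.0.9 - - [27/Jun/2025:18:40:02 +0000] "POST /api/v2/serve/awel/flow/import?file=..%2F..%2Fconfig.yaml HTTP/1.1" 200 1024
10.0.0.7 - - [27/Jun/2025:18:41:10 +0000] "GET /api/v2/serve/awel/flow/list HTTP/1.1" 200 88
"""


def flag_suspicious_requests(log_text: str) -> List[Dict[str, str]]:
    """Return the requests to ENDPOINT whose decoded target carries a traversal sequence."""
    hits: List[Dict[str, str]] = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a recognisable access-log line
        target = unquote(m["target"])
        if not target.startswith(ENDPOINT):
            continue
        if TRAVERSAL_RE.search(target):
            hits.append({"ip": m["ip"], "ts": m["ts"],
                         "target": target, "status": m["status"]})
    return hits


if __name__ == "__main__":
    for name in ("my_flow.json", "../../etc/passwd", "..%2F..%2Fconfig.yaml"):
        print(f"{name!r:32} safe={is_safe_import_name(name)}")
    for hit in flag_suspicious_requests(SAMPLE_LOG):
        print("suspicious:", hit["ip"], hit["ts"], hit["target"])
```

The containment check deliberately decides on the resolved path rather than on the presence of a substring, so encoded or doubled variants are judged by the same rule as a plain '../'. The scanner decodes once for the same reason; in production it should also count repeated hits per source address, as item 4 suggests.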
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-06-27T10:17:13.526Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 685ee55f6f40f0eb7265dd2d
Added to database: 6/27/2025, 6:39:27 PM
Last enriched: 6/27/2025, 6:54:45 PM
Last updated: 7/12/2025, 1:43:38 PM