CVE-2026-27598: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in dagu-org dagu
Dagu is a workflow engine with a built-in Web user interface. In versions up to and including 1.16.7, the `CreateNewDAG` API endpoint (`POST /api/v1/dags`) does not validate the DAG name before passing it to the file store. An authenticated user with DAG write permissions can write arbitrary YAML files anywhere on the filesystem (limited by the process permissions). Since dagu executes DAG files as shell commands, writing a malicious DAG to the DAGs directory of another instance or overwriting config files can lead to remote code execution. Commit e2ed589105d79273e4e6ac8eb31525f765bb3ce4 fixes the issue.
AI Analysis
Technical Summary
CVE-2026-27598 is a path traversal vulnerability categorized under CWE-22 affecting dagu, a workflow engine with a built-in web user interface. In dagu versions up to and including 1.16.7, the CreateNewDAG API endpoint (POST /api/v1/dags) does not properly validate the DAG name input before passing it to the file storage system. This lack of validation allows an authenticated user with DAG write permissions to craft DAG names containing path traversal sequences (e.g., ../) that enable writing arbitrary YAML files to any location on the filesystem accessible by the dagu process. Since dagu executes DAG files as shell commands, an attacker can leverage this to write malicious DAG files into the DAG directory of another dagu instance or overwrite critical configuration files, leading to remote code execution (RCE). The vulnerability requires authentication and DAG write privileges but does not require user interaction or elevated privileges beyond those permissions. The issue was addressed in commit e2ed589105d79273e4e6ac8eb31525f765bb3ce4, which adds proper validation to restrict DAG names and prevent path traversal. The CVSS 4.0 base score is 7.1 (high), reflecting the network attack vector, low attack complexity, no privileges required beyond DAG write, and high impact on integrity via RCE. No known exploits are reported in the wild yet. This vulnerability highlights the risk of insufficient input validation in workflow automation tools that execute user-supplied files.
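The root cause above is a user-supplied name reaching the file store unvalidated. The following Go function pair (Go being dagu's implementation language) is an added example of the two checks a defender wants at that boundary: an allowlist on the name itself, and an independent confinement check that the final path still resolves inside the DAG directory. It is not dagu's own code and not the patch from commit e2ed589105d79273e4e6ac8eb31525f765bb3ce4; the allowlist pattern, the `.yaml` suffix and the `/var/lib/dagu/dags` directory are assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// ErrInvalidDAGName is returned for every name that fails validation.
var ErrInvalidDAGName = errors.New("invalid DAG name")

// dagNamePattern is an assumed allowlist, not dagu's rule: 1-128 characters of
// letters, digits, dot, underscore and hyphen, and no leading dot (so hidden
// files such as ".." or ".env" can never be produced).
var dagNamePattern = regexp.MustCompile(`^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$`)

// ValidateDAGName accepts only names from the allowlist. Path separators,
// percent-encoding and NUL bytes all fail the pattern; ".." is rejected
// explicitly so the intent is visible even if the pattern is later relaxed.
func ValidateDAGName(name string) error {
	if !dagNamePattern.MatchString(name) {
		return fmt.Errorf("%w: %q does not match allowed pattern", ErrInvalidDAGName, name)
	}
	if strings.Contains(name, "..") {
		return fmt.Errorf("%w: %q contains '..'", ErrInvalidDAGName, name)
	}
	return nil
}

// DAGFilePath builds the on-disk path for a DAG and then verifies, as a second
// independent check, that the cleaned result is still inside dagsDir. The
// second check is defense in depth: it holds even if ValidateDAGName is
// bypassed or weakened in a future change.
func DAGFilePath(dagsDir, name string) (string, error) {
	if err := ValidateDAGName(name); err != nil {
		return "", err
	}
	base := filepath.Clean(dagsDir)
	full := filepath.Join(base, name+".yaml") // Join also cleans the result
	rel, err := filepath.Rel(base, full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q resolves outside %s", ErrInvalidDAGName, name, base)
	}
	return full, nil
}

func main() {
	// Constructed sample names: one valid, two that must be refused.
	for _, name := range []string{"etl-daily", "../escaped", "nightly/../../x"} {
		p, err := DAGFilePath("/var/lib/dagu/dags", name)
		fmt.Printf("%-20q -> path=%q err=%v\n", name, p, err)
	}
}
```

The two layers are deliberately redundant: the allowlist is the primary control and gives a clear audit signal (any rejection of a name containing `..` or `/` is worth logging, which supports the monitoring recommendation below), while the `filepath.Rel` check guards the actual write regardless of how the name was validated upstream.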
Potential Impact
The vulnerability allows attackers with DAG write permissions to write arbitrary files anywhere on the filesystem accessible to the dagu process, potentially overwriting critical configuration files or injecting malicious DAG files that are executed as shell commands. This can lead to remote code execution, compromising the confidentiality, integrity, and availability of affected systems. Organizations using dagu for workflow automation may face complete system compromise, data breaches, or disruption of automated processes. Multi-tenant environments or instances exposed to a broader user base are at higher risk. The requirement for authentication and DAG write permissions limits the attack surface but does not eliminate it, especially if credentials are compromised or if insider threats exist. The ability to execute arbitrary commands can facilitate lateral movement, privilege escalation, and persistent access within affected networks.
Mitigation Recommendations
1. Upgrade dagu to version 1.16.8 or later, where the vulnerability is fixed.
2. Restrict DAG write permissions strictly to trusted users and service accounts.
3. Implement strong authentication and access controls to prevent unauthorized access to the CreateNewDAG API endpoint.
4. Monitor and audit DAG creation and modification activities for suspicious patterns, especially unusual DAG names containing path traversal sequences.
5. Employ filesystem permissions and containerization to limit the dagu process's filesystem access, reducing the impact of arbitrary file writes.
6. Use network segmentation and firewall rules to restrict access to the dagu web interface and API.
7. Conduct regular security assessments and code reviews of custom workflow scripts to detect malicious modifications.
8. Consider deploying runtime application self-protection (RASP) or endpoint detection and response (EDR) solutions to detect anomalous command executions triggered by dagu.
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, India, Canada, Australia, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-20T19:43:14.602Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 699e48bfb7ef31ef0b85c3ec
Added to database: 2/25/2026, 12:56:31 AM
Last enriched: 3/4/2026, 7:05:15 PM
Last updated: 4/11/2026, 4:03:57 AM