Eosphoros AI DB-GPT Denial-of-Service Vulnerability via Multipart Request Boundary Processing
Vulnerability
A denial-of-service vulnerability has been identified in Eosphoros AI DB-GPT version 0.6.0. The issue lies in multipart request boundary processing: the server does not correctly handle extra characters appended to the end of a multipart boundary. The flaw can be triggered by sending a malformed multipart request whose boundary is followed by arbitrary trailing characters, such as hyphens or spaces. The parser then enters an infinite loop that consumes excessive resources, causing a complete denial of service for all users. Every endpoint that processes multipart/form-data requests is affected.
Impact
Exploitation of this vulnerability leads to significant resource exhaustion, causing the server to become unresponsive. As a result, all users are unable to interact with the service, effectively causing a complete shutdown.
Reproduction
The vulnerability can be reproduced by sending a multipart request with extra characters appended to the end of the boundary. The original report used a Python script built on the Requests library to send the malformed request to an endpoint that processes file uploads.
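As an added defensive example (not DB-GPT's code and not the upstream fix), the check below validates the boundary parameter against the RFC 2046 boundary grammar and rejects bodies whose delimiter lines carry trailing hyphens or other stray characters, so a malformed request is refused before it reaches the multipart parser. All function names and the sample requests are constructed for illustration.

```python
import re

# RFC 2046 section 5.1.1: a boundary is 1..70 characters from this set
# and must not end with a space.
_BCHARS_NOSPACE = r"0-9A-Za-z'()+_,\-./:=?"
_BOUNDARY_RE = re.compile(rf"^[{_BCHARS_NOSPACE} ]{{0,69}}[{_BCHARS_NOSPACE}]$")
_CT_BOUNDARY_RE = re.compile(r'boundary=(?:"([^"]+)"|([^;\s]+))', re.IGNORECASE)

def extract_boundary(content_type: str):
    """Return the boundary parameter of a multipart/form-data Content-Type, or None."""
    if not content_type.lower().startswith("multipart/form-data"):
        return None
    m = _CT_BOUNDARY_RE.search(content_type)
    return (m.group(1) or m.group(2)) if m else None

def boundary_is_valid(boundary) -> bool:
    """True if the boundary matches the RFC 2046 grammar (length, charset, no trailing space)."""
    return boundary is not None and _BOUNDARY_RE.fullmatch(boundary) is not None

def body_delimiters_are_well_formed(body: bytes, boundary: str) -> bool:
    """Every line starting with '--boundary' must be exactly '--boundary' or the
    closing '--boundary--', optionally followed by linear whitespace (allowed by
    RFC 2046). Extra hyphens or other trailing characters are rejected, and a
    closing delimiter must be present."""
    delim = b"--" + boundary.encode("ascii")
    closing_seen = False
    for line in body.split(b"\r\n"):
        if not line.startswith(delim):
            continue
        rest = line[len(delim):]
        if rest.startswith(b"--"):
            rest, closing_seen = rest[2:], True
        if rest.strip(b" \t") != b"":
            return False
    return closing_seen

def check_multipart_request(content_type: str, body: bytes):
    """Return (accepted, reason); run this before handing the body to the parser."""
    boundary = extract_boundary(content_type)
    if boundary is None:
        return False, "missing boundary parameter"
    if not boundary_is_valid(boundary):
        return False, "boundary violates RFC 2046 grammar"
    if not body_delimiters_are_well_formed(body, boundary):
        return False, "malformed or missing delimiter lines"
    return True, "ok"

# Constructed sample requests (not captured traffic).
GOOD_CT = "multipart/form-data; boundary=XyZ123"
GOOD_BODY = (b"--XyZ123\r\nContent-Disposition: form-data; name=\"f\"; filename=\"a.txt\"\r\n"
             b"Content-Type: text/plain\r\n\r\nhello\r\n--XyZ123--\r\n")
BAD_BODY = GOOD_BODY.replace(b"--XyZ123--", b"--XyZ123-----")  # extra trailing hyphens
BAD_CT = 'multipart/form-data; boundary="XyZ123 "'  # boundary parameter ending in a space
```

This is a front-line filter for the malformed shape described above; the affected component still needs its parser fixed or upgraded.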
