Eosphoros AI DB-GPT Arbitrary File Deletion Vulnerability on Windows
Vulnerability
A vulnerability allowing arbitrary file deletion has been identified in Eosphoros AI DB-GPT, specifically in the latest version. This issue arises on Windows systems, where the application does not properly sanitize the backslash character, a common path separator in Windows. Exploiting this vulnerability involves manipulating the 'plugin_repo_name' variable to delete files from the host system via the '/v1/agent/hub/update' endpoint.
Impact
Exploitation of this vulnerability allows for the deletion of any files on the Windows system where DB-GPT is running.
Reproduction
To reproduce this vulnerability, install DB-GPT on a Windows machine. After setting up the environment and installing the application, edit the .env file to include the necessary proxy LLM configurations. Once the server is running, create a folder named 'poc' in the DB-GPT directory and place a file named 'cybrx.txt' inside it. Then, send a POST request to the '/v1/agent/hub/update' endpoint with a payload that includes a crafted 'url' parameter targeting the 'poc' folder. The 'cybrx.txt' file will be deleted as a result.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.