AstrBot Path Traversal Vulnerability in Chat File Retrieval API
Vulnerability
A path traversal vulnerability has been identified in the AstrBot chatbot framework, affecting versions 3.4.4 through 3.5.12. It allows unauthorized access to files by manipulating the filename parameter of the '/api/chat/get_file' endpoint, potentially disclosing sensitive information such as API keys, account passwords, and other confidential data. The root cause is that the filename parameter is used to build a filesystem path without being sanitized or confined to the directory the endpoint is meant to serve.
Impact
Exploitation of this vulnerability can result in unauthorized access to sensitive files, including configuration files that may contain API keys and passwords.
Reproduction
To reproduce this vulnerability, first set up the AstrBot application by installing the necessary dependencies and running the application. Once the application is running, send a GET request to the '/api/chat/get_file' endpoint with a crafted filename parameter that includes path traversal sequences (such as '../') to access sensitive files on the server, such as the 'cmd_config.json' file, which contains confidential information like LLM API keys, usernames, and password hashes.
Remediation
Users are advised to upgrade to AstrBot version 3.5.13 or later, where this vulnerability has been patched. Instructions for upgrading can be found in the project's documentation.
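For operators who maintain their own file-serving handlers, the following is an added example (not AstrBot's own code) of how a filename parameter can be confined to a single directory before use; the base directory path and function names are assumptions for illustration.

```python
import os
from pathlib import Path

# Assumed storage directory for chat files (hypothetical, not AstrBot's real path).
BASE_DIR = Path("/srv/astrbot/data/chat_files").resolve()


def is_safe_filename(filename: str) -> bool:
    """Return True only for a plain file name with no path components.

    Rejects empty names, NUL bytes, '.' and '..', and any directory
    separator, so values such as '../cmd_config.json' or '/etc/passwd'
    never reach the filesystem. Frameworks URL-decode the query string
    before the handler runs, so encoded forms like '..%2f' arrive here
    already decoded and are caught by the same checks.
    """
    if not filename or "\x00" in filename:
        return False
    if filename in (".", ".."):
        return False
    if os.sep in filename or (os.altsep and os.altsep in filename):
        return False
    return True


def resolve_chat_file(filename: str, base_dir: Path = BASE_DIR) -> Path:
    """Map a client-supplied name to a path that is guaranteed to sit
    directly inside base_dir; raise ValueError otherwise."""
    if not is_safe_filename(filename):
        raise ValueError("invalid filename")
    candidate = (base_dir / filename).resolve()
    # Defence in depth: resolve() follows symlinks, so a link placed in
    # base_dir that points elsewhere is also rejected here.
    if candidate.parent != base_dir:
        raise ValueError("path escapes chat file directory")
    return candidate


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate name, three traversal attempts.
    for name in ("chat_123.png", "../cmd_config.json", "/etc/passwd", ".."):
        try:
            print(name, "->", resolve_chat_file(name))
        except ValueError as exc:
            print(name, "-> rejected:", exc)
```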
