AutoGPT Unauthenticated Denial-of-Service Vulnerability via Disk Space Exhaustion

Vulnerability

A denial-of-service vulnerability has been identified in AutoGPT, a platform for building and running AI agents. It affects versions 0.4.2 through 0.6.51. The 'download_agent_file' endpoint writes each requested agent to a new temporary file on disk and never deletes it, so disk consumption grows without bound. Because the endpoint requires no authentication, an attacker can call it repeatedly until the disk fills, at which point the application crashes and the AutoGPT backend becomes unavailable to all users.

Impact

Exploitation of this vulnerability leads to a high-severity denial-of-service condition, where the server's disk space is exhausted. This causes the application to crash and the AutoGPT platform backend to become unavailable to all users.

Reproduction

To reproduce this vulnerability, first obtain a valid 'store_listing_version_id' by querying the '/agents' endpoint. Then send repeated requests to the 'download_agent_file' endpoint with that id. Each request writes a new temporary file that persists until it is deleted manually or the host is rebooted; no cleanup runs after the response is sent, so the files accumulate one per request. Once they exhaust the server's disk, writes fail with 'No space left on device' errors, disrupting the database or any other service that shares the volume. A temporary-file directory whose entry count and size grow in step with request volume is the observable signature on the host.
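The leak-and-fix pattern described above, as an added example that is not AutoGPT's own code: a handler that dumps the requested agent to a NamedTemporaryFile(delete=False) and never unlinks it, beside a variant that unlinks the file once the response has been sent, including the failure path where serialisation raises before a response exists. The listing id 'listing-1', the STORE_LISTINGS table, the handler names and the minimal FileResponse stand-in (which replaces a web framework's response object and its cleanup hook) are all assumptions made for this demo.

```python
"""Disk-exhaustion demo: a handler that leaks one temp file per request,
beside a handler that removes the file after the response is sent.
Example code, not AutoGPT's own; every name below is an assumption."""
import json
import os
import tempfile
from dataclasses import dataclass
from typing import Callable, List, Optional

# Constructed stand-in for the store listings an attacker can enumerate
# via the /agents endpoint. The id and the graph contents are made up.
STORE_LISTINGS = {
    "listing-1": {"name": "demo-agent", "nodes": [], "links": []},
}


@dataclass
class FileResponse:
    """Minimal stand-in for a framework FileResponse: reads the file when the
    response is sent and then runs an optional cleanup hook (the role played by
    a background task in a real web framework)."""
    path: str
    background: Optional[Callable[[], None]] = None

    def send(self) -> bytes:
        with open(self.path, "rb") as f:
            body = f.read()
        if self.background is not None:
            self.background()
        return body


def download_agent_file_vulnerable(version_id: str, tmp_dir: str) -> FileResponse:
    """Leaky pattern: delete=False plus no cleanup means the file outlives the request."""
    graph = STORE_LISTINGS[version_id]
    tmp = tempfile.NamedTemporaryFile(mode="w", suffix=".json", dir=tmp_dir, delete=False)
    json.dump(graph, tmp)
    tmp.close()
    return FileResponse(path=tmp.name)  # nobody ever unlinks tmp.name


def download_agent_file_fixed(version_id: str, tmp_dir: str) -> FileResponse:
    """Hardened pattern: unlink the temp file after the response has been sent,
    and unlink it immediately if building the response fails part-way."""
    graph = STORE_LISTINGS[version_id]
    tmp = tempfile.NamedTemporaryFile(mode="w", suffix=".json", dir=tmp_dir, delete=False)
    try:
        json.dump(graph, tmp)
        tmp.close()
    except Exception:
        tmp.close()
        os.unlink(tmp.name)  # do not leak the file on the error path either
        raise

    def cleanup(path: str = tmp.name) -> None:
        try:
            os.unlink(path)
        except FileNotFoundError:
            pass  # already gone (e.g. a tmp cleaner beat us to it)

    return FileResponse(path=tmp.name, background=cleanup)


def leaked_files(tmp_dir: str) -> List[str]:
    """Temp files still present in tmp_dir; the check an operator runs on the host."""
    return sorted(f for f in os.listdir(tmp_dir) if f.endswith(".json"))


def simulate(handler: Callable[[str, str], FileResponse], requests: int) -> int:
    """Serve `requests` downloads into a fresh directory and return how many
    temp files remain afterwards (requests for the leaky handler, 0 for the fix)."""
    with tempfile.TemporaryDirectory() as d:
        for _ in range(requests):
            handler("listing-1", d).send()
        return len(leaked_files(d))


def served_body(handler: Callable[[str, str], FileResponse]) -> bytes:
    """Return the bytes a client receives, to show the fix changes nothing on the wire."""
    with tempfile.TemporaryDirectory() as d:
        return handler("listing-1", d).send()


if __name__ == "__main__":
    print("leaked by vulnerable handler:", simulate(download_agent_file_vulnerable, 100))
    print("leaked by fixed handler:     ", simulate(download_agent_file_fixed, 100))
```

In a FastAPI/Starlette application the cleanup hook is normally expressed as `FileResponse(path, background=BackgroundTask(os.unlink, path))`, which runs after the body has been streamed; the stand-in above models that ordering so the file is still readable while the response is sent. The leaky handler returns the same bytes as the fixed one, so nothing in normal traffic reveals the problem; only the temporary-file directory growing by one entry per request does.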

Remediation

Users can update to AutoGPT version 0.6.52, which addresses this vulnerability. Instructions for updating are available on the AutoGPT Releases page.

Added: May 19, 2026, 2:21 AM
Updated: May 19, 2026, 2:21 AM

Vulnerability Rating

Custom Algorithm
spread: 4.2
impact: 2.5
exploitability: 6.0
remediation: 7.7
relevance: 8.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.