OpenBMB XAgent Path Traversal Vulnerability in ToolServerNode Upload File Endpoint

Vulnerability

A path traversal vulnerability has been identified in OpenBMB XAgent version 1.0.0. The issue resides in the ToolServerNode component, specifically in the upload_file function of the workspace router. By manipulating the file_name parameter of the multipart upload, an attacker can write arbitrary files to the container's filesystem. The flaw can be exploited remotely, and because the ToolServerNode container runs as root, it gives full control over the filesystem.

Impact

Exploitation of this vulnerability allows for arbitrary file writes on the container's filesystem, with potential to overwrite application code, plant cron jobs for persistent execution, drop SSH keys for direct access, or corrupt data in any filesystem path.

Reproduction

The vulnerability can be reproduced by uploading a file through the ToolServerNode's '/upload_file' endpoint, using a filename that includes '../' sequences to traverse out of the intended directory. This can be done using a tool like curl or a Python script that automates the upload process.
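The server-side check that closes this class of bug, as an added example rather than XAgent's own code or its fix: it resolves the client-supplied name against the workspace root and refuses anything that lands outside it. The names `naive_target`, `safe_target`, `is_allowed`, `UnsafeFilename` and the sample filenames are assumptions made for illustration.

```python
import os
from pathlib import Path


class UnsafeFilename(ValueError):
    """Client-supplied filename would land outside the workspace."""


def naive_target(workspace: Path, file_name: str) -> Path:
    # Unsafe pattern: the client-supplied name is joined as-is, so '../'
    # segments or an absolute path decide where the write lands.
    return Path(os.path.normpath(workspace / file_name))


def safe_target(workspace: Path, file_name: str) -> Path:
    """Return the resolved write path, or raise if it leaves `workspace`."""
    if not file_name or "\x00" in file_name:
        raise UnsafeFilename("empty name or NUL byte")
    root = workspace.resolve()
    # resolve() collapses '..' and follows symlinks already in the workspace.
    candidate = (root / file_name).resolve()
    if candidate == root or not candidate.is_relative_to(root):
        raise UnsafeFilename(f"{file_name!r} resolves outside the workspace")
    return candidate


def is_allowed(workspace: Path, file_name: str) -> bool:
    try:
        safe_target(workspace, file_name)
        return True
    except UnsafeFilename:
        return False


if __name__ == "__main__":
    import tempfile
    # Constructed sample names; the workspace is a throwaway temp directory.
    samples = ["report.txt", "sub/notes.md", "../../outside.txt", "/tmp/absolute.txt"]
    with tempfile.TemporaryDirectory() as tmp:
        ws = Path(tmp) / "workspace"
        ws.mkdir()
        for name in samples:
            print(f"{name!r:22} naive={naive_target(ws, name)} allowed={is_allowed(ws, name)}")
```

Containment should be checked on the resolved path, not by searching the string for '../', since absolute names and symlinks bypass a substring filter. Running the service as a non-root user further limits what any remaining write primitive can overwrite.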

Added: Mar 11, 2026, 8:20 PM
Updated: Mar 11, 2026, 8:20 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 8.3
remediation: 0.0
relevance: 3.8
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.