ByteDance DeerFlow Path Traversal and Arbitrary File Write Vulnerability

Vulnerability

A path traversal and arbitrary file write vulnerability has been identified in ByteDance DeerFlow versions prior to commit 2176b2b. This vulnerability occurs during the creation of custom agents in bootstrap mode, where the validation of agent names is improperly handled. Attackers can exploit this by providing traversal-style inputs or absolute paths as agent names, which can lead to the creation of directories and writing of files outside the designated custom agent directory. The impact of this vulnerability is contingent upon the file system permissions of the affected system.

Impact

Exploitation of this vulnerability could result in unauthorized file writes on the system, potentially overwriting critical files or creating new ones in sensitive locations.

Reproduction

To reproduce this vulnerability, create a custom agent in bootstrap mode and provide an agent name that includes traversal sequences or absolute paths. The agent name validation will be bypassed, allowing files to be written outside the intended directory.

Remediation

Users are advised to update to the latest version of ByteDance DeerFlow, where this vulnerability has been addressed.
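The class of check the advisory describes as missing, written here as an added illustration of how an agent name should be validated before it is turned into a directory; this is not DeerFlow's own code, and the base directory, function names and sample agent names are assumptions.

```python
from pathlib import Path


class InvalidAgentName(ValueError):
    """Raised when an agent name could place files outside the agent directory."""


def safe_agent_dir(base_dir: str, agent_name: str) -> Path:
    """Return the directory for `agent_name`, guaranteed to lie inside `base_dir`.

    Two layers: a lexical check on the raw name, then a containment check on
    the fully resolved path. The second layer also catches symlinks under
    base_dir that point elsewhere, which the lexical check cannot see.
    """
    if not agent_name or agent_name in (".", ".."):
        raise InvalidAgentName("empty or dot-only agent name")
    # An agent name must be a single path component: no separators of either
    # kind, no embedded NUL, no parent references, and never an absolute path.
    if "/" in agent_name or "\\" in agent_name or "\x00" in agent_name:
        raise InvalidAgentName("agent name must not contain path separators")
    if Path(agent_name).is_absolute() or ".." in Path(agent_name).parts:
        raise InvalidAgentName("agent name must be relative and free of '..'")
    # Resolve both sides and confirm the target is strictly below the root.
    root = Path(base_dir).resolve()
    target = (root / agent_name).resolve()
    if target == root or not target.is_relative_to(root):
        raise InvalidAgentName("agent directory resolves outside the base directory")
    return target


def is_safe_agent_name(base_dir: str, agent_name: str) -> bool:
    """Boolean form of safe_agent_dir, convenient for input validation."""
    try:
        safe_agent_dir(base_dir, agent_name)
        return True
    except InvalidAgentName:
        return False


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate name, then the two input
    # shapes the advisory names (traversal sequences and absolute paths).
    base = "/srv/deerflow/agents"  # assumed location, not DeerFlow's real path
    for name in ("research_helper", "../escaped", "/tmp/escaped", "a/../../b"):
        print(f"{name!r}: {'accepted' if is_safe_agent_name(base, name) else 'rejected'}")
```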

Added: Apr 17, 2026, 5:28 PM
Updated: Apr 17, 2026, 5:28 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.2
exploitability: 6.3
remediation: 0.0
relevance: 6.1
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.