eosphoros-ai db-gpt SQL Injection Vulnerability Leading to Arbitrary File Write

A SQL injection vulnerability has been identified in eosphoros-ai db-gpt versions through 0.7.5. This issue arises from an incomplete fix in the web API endpoint POST /api/v1/editor/sql/run, allowing remote attackers to execute arbitrary SQL queries. Exploitation of this vulnerability can result in unauthorized writing of files to the victim's file system, with potential for further exploitation leading to remote code execution.

Impact

Exploitation of this vulnerability allows for arbitrary file writing on the victim's local file system. This could be leveraged to execute malicious code, particularly by placing a harmful Python script in a directory recognized by Python, such as the site-packages directory.

Reproduction

To reproduce this vulnerability, first upload a file to the DuckDB database using the 'POST /api/v1/chat/db/add' endpoint. Then, send a 'POST' request to the '/api/v1/editor/sql/run' endpoint with a crafted SQL query that exploits the SQL injection vulnerability. The query should be designed to write a file to the server's file system, such as a temporary file.

Remediation

Users are advised to update to the latest version of eosphoros-ai db-gpt, where this vulnerability has been fixed.