PromtEngineer localGPT Arbitrary File Read Vulnerability

A critical vulnerability has been identified in PromtEngineer localGPT versions through 4d41c7d1713b16b216d8e062e51a5dd88b20b054. This vulnerability exists in the web interface component, specifically within the 'handle_index' function of 'rag_system/api_server.py'. The issue allows any unauthenticated attacker to read arbitrary files from the server and extract their full contents via the web interface. This vulnerability is remote, requires no authentication, and has been publicly disclosed along with an available exploit.

Impact

Exploitation of this vulnerability leads to unauthorized access to sensitive files, including configuration files with passwords, API keys, and database credentials. It allows extraction of user data and system information, access to AWS credentials, SSH keys, and other secrets, effectively compromising the entire system.

Reproduction

The vulnerability can be reproduced by sending a POST request to the '/index' endpoint with a 'file_paths' list containing the paths of files to be read. The 'session_id' parameter must also be included. The server will read the specified files and index their contents, which can then be accessed through the '/chat' endpoint.