In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE).
An unauthenticated attacker sends an HTTP POST request to the public endpoint `/api/v1/editor/sql/run`, passing an arbitrary SQL query. The lack of access control mechanisms causes the query to be executed directly by the DuckDB engine. DuckDB functions allow writing data to files on the server's operating system, enabling the attacker to place a malicious file (e.g., executable script or webshell) and subsequently cause it to be executed, gaining control over the system.
An attacker can write arbitrary files to the victim's file system, which in practice can lead to remote code execution (RCE) and complete takeover of the server. The confidentiality, integrity, and availability of the entire system are at risk.
Apply patches available from the vendor according to references. Additionally, it is recommended to immediately restrict access to the `/api/v1/editor/sql/run` endpoint at the firewall or reverse proxy level until the patch is implemented, and to implement authentication and authorization for all API endpoints.
eosphoros-ai/db-gpt version v0.6.0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDbgpt Db Gpt
APPDbgpt0.6.0
Related vulnerabilities
Dowolne wykonanie kodu przez niekontrolowane SQL API w db-gpt
Absolute Path Traversal w DB-GPT — zapis plików w dowolnej lokalizacji
Arbitrary file write przez path traversal w DB-GPT (knowledge API)
Dowolny zapis plików w db-gpt przez podatność path traversal w RAG-knowledge
Arbitrary File Upload z Path Traversal w db-gpt — możliwy RCE