In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE) by writing malicious files such as `__init__.py` in the Python's `/site-packages/` directory.
An unauthenticated attacker sends an HTTP POST request to the `/api/v1/editor/chart/run` endpoint, passing an arbitrary SQL query that is executed by the server without permission verification. This mechanism (CWE-434 — unrestricted file upload/write) allows writing a file of arbitrary content to any location in the victim's file system. An example attack scenario involves overwriting or creating a malicious `__init__.py` file in the `/site-packages/` directory of the Python interpreter, resulting in code execution when the module is subsequently imported by the application.
An attacker can gain full control over the server through Remote Code Execution (RCE) — without needing to possess any account or permissions. The result may be compromise of confidentiality, integrity, and availability of the entire system.
Patches available from the vendor should be applied according to the references. It is also recommended to restrict network access to db-gpt application API endpoints exclusively to trusted hosts until the fix is applied.
eosphoros-ai/db-gpt version v0.6.0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDbgpt Db Gpt
APPDbgpt0.6.0
Related vulnerabilities
SQL Injection i zapis plików w db-gpt umożliwiające RCE
Absolute Path Traversal w DB-GPT — zapis plików w dowolnej lokalizacji
Arbitrary file write przez path traversal w DB-GPT (knowledge API)
Dowolny zapis plików w db-gpt przez podatność path traversal w RAG-knowledge
Arbitrary File Upload z Path Traversal w db-gpt — możliwy RCE