CVE-2025-0452

Source
https://cve.org/CVERecord?id=CVE-2025-0452
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-0452.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-0452
Published
2025-03-20T10:15:52.890Z
Modified
2026-04-10T05:20:16.626805Z
Severity
  • 8.2 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
[none]
Details

eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems via the '/v1/agent/hub/update' endpoint. The application fails to filter the '\' character, which Windows uses as a path separator, so an attacker who controls the 'pluginreponame' variable can cause the deletion of arbitrary files on the host system.

References

Affected packages

Git / github.com/eosphoros-ai/db-gpt

Affected ranges

Type
GIT
Repo
https://github.com/eosphoros-ai/db-gpt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.6.1"
        }
    ]
}

Affected versions

0.*
0.4.1
v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4-alpha
v0.0.5-beta
v0.0.6
v0.0.7
v0.1.0
v0.1.1
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.3.4
v0.3.5
v0.3.6
v0.3.7
v0.3.8
v0.3.9
v0.4.0
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.4.7
v0.5.0
v0.5.1
v0.5.10
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-0452.json"