CVE-2025-3547

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-3547
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3547.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-3547
Published
2025-04-14T03:15:16.463Z
Modified
2026-04-10T05:26:20.909679Z
Severity
  • 5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
Summary
[none]
Details

A vulnerability classified as critical was found in frdel Agent-Zero 0.8.1.2. This vulnerability affects unknown code of the file /getworkdir_files. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

References

Affected packages

Git / github.com/agent0ai/agent-zero

Affected ranges

Type
GIT
Repo
https://github.com/agent0ai/agent-zero
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2a9b30eddf51430f98c70e078502e5d1efe9195e
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.8.1.2"
        }
    ]
}

Affected versions

v0.*
v0.2
v0.3
v0.4
v0.5
v0.6
v0.6.1
v0.6.2
v0.7
v0.7.1
v0.8
v0.8.1
v0.8.1.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3547.json"