Описание
In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker can read and write files anywhere on the server, potentially leading to privilege escalation or remote code execution.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:composio:composio:0.4.3:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01145
Низкий
7.2 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 7.2
github
11 месяцев назад
In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker can read and write files anywhere on the server, potentially leading to privilege escalation or remote code execution.
EPSS
Процентиль: 78%
0.01145
Низкий
7.2 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-434