Submit #767236: OpenBMB XAgent 1.0.0 Path Traversal (CWE-22)info

TitelOpenBMB XAgent 1.0.0 Path Traversal (CWE-22)
BeschreibungA Path Traversal vulnerability exists in the `workspace` router method in `XAgentServer/application/routers/workspace.py` of XAgent. The application fails to sanitize the `file_name` parameter received from user-submitted form data before passing it to `os.path.join()`. The resulting path is used directly to open and return file contents, with no call to `os.path.basename()`, no stripping of `../`, and no `os.path.realpath()` prefix check. # Vulnerable Code File: XAgentServer/application/routers/workspace.py (Lines 70-139) Method: /workspace/file endpoint Why: The `file_name` parameter (line 74) is received directly from form data and passed unsanitized to `os.path.join(file_path, file_name)` across all suffix branches (lines 98, 108, 113, 118, 122, 132, 136), allowing traversal to arbitrary paths outside the intended workspace directory. # Reproduction 1. Clone and start the stack: git clone https://github.com/OpenBMB/XAgent.git && cd XAgent && docker compose up -d 2. Login with hardcoded default credentials: POST /user/login with email=Guest, token=xagent 3. Create an interaction: POST /conv/init_conv_env with user_id=guest, token=xagent 4. Trigger path traversal: POST /workspace/file with user_id=guest, token=xagent, interaction_id=<ID>, file_name=../../../../../../../etc/passwd 5. The full /etc/passwd contents are returned in the HTTP response body. # Impact - Arbitrary File Read on the main XAgentServer container filesystem - Exfiltration of database credentials (MySQL root:xagent, Redis password from envs.py) - Exfiltration of all users' interaction data and workspace files - Exfiltration of application source code, JWT/session secrets, API keys - System files like /etc/shadow accessible (container runs as root by default) - Default credentials (guest/xagent) ship enabled by default, making this exploitable on any fresh deployment with zero credential theft required.
Quelle⚠️ https://github.com/OpenBMB/XAgent/issues/420
Benutzer
 Eric-x (UID 94869)
Einreichung25.02.2026 09:58 (vor 3 Monaten)
Moderieren11.03.2026 13:27 (14 days later)
StatusAkzeptiert
VulDB Eintrag350384 [OpenBMB XAgent 1.0.0 workspace.py workspace file_name Directory Traversal]
Punkte20

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!