| Titel | zhayujie chatgpt-on-wechat (CowAgent) 2.0.4 Path Traversal Leading to Arbitrary File Read |
|---|
| Beschreibung | The /api/memory/content endpoint in the chatgpt-on-wechat Web Console accepts a filename parameter that is passed directly to the filesystem read operation without any path validation or sanitization. By using directory traversal sequences (../), an unauthenticated attacker can read any file on the server that is accessible to the application process. This includes system files (/etc/passwd, /etc/hosts), application configuration files containing full API keys, SSH keys, and any other sensitive data. |
|---|
| Quelle | ⚠️ https://github.com/zhayujie/chatgpt-on-wechat/issues/2734 |
|---|
| Benutzer | Yu_Bao (UID 89348) |
|---|
| Einreichung | 31.03.2026 12:37 (vor 10 Tagen) |
|---|
| Moderieren | 09.04.2026 14:57 (9 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 356552 [zhayujie chatgpt-on-wechat CowAgent bis 2.0.4 API Memory Content Endpoint agent/memory/service.py dispatch filename Directory Traversal] |
|---|
| Punkte | 20 |
|---|