| Título | zhayujie chatgpt-on-wechat (CowAgent) 2.0.4 Path Traversal Leading to Arbitrary File Read |
|---|
| Descrição | The /api/memory/content endpoint in the chatgpt-on-wechat Web Console accepts a filename parameter that is passed directly to the filesystem read operation without any path validation or sanitization. By using directory traversal sequences (../), an unauthenticated attacker can read any file on the server that is accessible to the application process. This includes system files (/etc/passwd, /etc/hosts), application configuration files containing full API keys, SSH keys, and any other sensitive data. |
|---|
| Fonte | ⚠️ https://github.com/zhayujie/chatgpt-on-wechat/issues/2734 |
|---|
| Utilizador | Yu_Bao (UID 89348) |
|---|
| Submissão | 31/03/2026 12h37 (há 13 dias) |
|---|
| Moderação | 09/04/2026 14h57 (9 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 356552 [zhayujie chatgpt-on-wechat CowAgent até 2.0.4 API Memory Content Endpoint agent/memory/service.py dispatch filename Travessia de Diretório] |
|---|
| Pontos | 20 |
|---|