CVE-2024-10835
DB-GPT is vulnerable to SQL Injection attacks from unauthenticated users
9.1
CRITICAL
CVSS 3.1
EPSS 1.5%
Description
In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE).
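Until the upgrade is deployed, a defender can check web-server access logs for unauthenticated requests reaching this endpoint. The following is an added example, not code from the DB-GPT project; it assumes common-log-format lines where the third field is the authenticated remote user (`-` meaning none) and uses constructed sample lines.

```python
import re
from dataclasses import dataclass

# Constructed sample access-log lines (not real traffic). Requests with an
# authenticated user are expected; the ones with "-" as user are the concern.
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Nov/2024:10:01:02 +0000] "POST /api/v1/editor/sql/run HTTP/1.1" 200 512
203.0.113.7 - - [12/Nov/2024:10:01:09 +0000] "POST /api/v1/editor/sql/run HTTP/1.1" 200 640
203.0.113.7 - - [12/Nov/2024:10:01:11 +0000] "POST /api/v1/editor/sql/run?x=1 HTTP/1.1" 200 17
198.51.100.2 - - [12/Nov/2024:10:02:00 +0000] "GET /api/v1/chat/dialogue/list HTTP/1.1" 200 2048
10.0.0.5 - alice [12/Nov/2024:10:03:30 +0000] "POST /api/v1/editor/sql/run HTTP/1.1" 500 88
"""

# Common log format: ip ident user [timestamp] "METHOD path proto" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \d+$'
)
VULN_ENDPOINT = "/api/v1/editor/sql/run"  # endpoint named in CVE-2024-10835


@dataclass(frozen=True)
class Hit:
    ip: str
    ts: str
    status: int


def unauthenticated_sql_runs(log_text):
    """Return POSTs to the SQL-run endpoint that carried no authenticated user.

    A 2xx status on such a request means the server executed SQL for an
    anonymous caller, which is exactly the behaviour the advisory describes;
    a patched deployment should be rejecting these instead.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than guessing
        path = m["path"].split("?", 1)[0]  # ignore any query string
        if m["method"] == "POST" and path == VULN_ENDPOINT and m["user"] == "-":
            hits.append(Hit(m["ip"], m["ts"], int(m["status"])))
    return hits


def count_by_source(hits):
    """Aggregate hits per source address for triage."""
    counts = {}
    for h in hits:
        counts[h.ip] = counts.get(h.ip, 0) + 1
    return counts
```

If authentication is handled by a reverse proxy or session cookie rather than the log's user field, adapt the `user == "-"` test to whatever marker your deployment records.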
How to fix CVE-2024-10835
To remediate CVE-2024-10835, upgrade the affected package to a fixed version below.
- eosphoros-ai/db-gpt: upgrade to 0.7.1 or later
Is CVE-2024-10835 being exploited?
Low — EPSS is 1.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- eosphoros-ai/db-gpt: all versions from 0 up to, but not including, 0.7.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL (9.1) | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |