CVE-2024-10833 Overview
CVE-2024-10833 is a critical arbitrary file write vulnerability affecting eosphoros-ai/db-gpt version 0.6.0. The vulnerability exists in the knowledge API endpoint used for uploading files, which is susceptible to absolute path traversal attacks. This flaw allows unauthenticated attackers to write files to arbitrary locations on the target server by manipulating the doc_file.filename parameter, which is user-controllable.
Critical Impact
Attackers can write arbitrary files to any location on the server, potentially leading to remote code execution, system compromise, or complete denial of service.
Affected Products
- DB-GPT version 0.6.0
Discovery Timeline
- 2025-03-20 - CVE-2024-10833 published to NVD
- 2025-10-15 - Last updated in NVD database
Technical Details for CVE-2024-10833
Vulnerability Analysis
This path traversal vulnerability (CWE-36) affects the knowledge file upload functionality in DB-GPT. The root cause is insufficient validation of user-supplied file names during the upload process. When a user uploads a file through the knowledge API, the application fails to sanitize or validate the doc_file.filename parameter, allowing attackers to construct absolute file paths that escape the intended upload directory.
The vulnerability can be exploited remotely without authentication, and successful exploitation could result in high impact to both system integrity and availability. An attacker could overwrite critical system files, inject malicious scripts, or plant web shells for persistent access.
Root Cause
The vulnerability stems from improper handling of the doc_file.filename parameter in the knowledge upload endpoint. The application accepts user-controlled input for the filename without proper sanitization, failing to strip or reject absolute path components. This allows attackers to bypass directory restrictions and write files to arbitrary locations on the filesystem using path traversal sequences or absolute paths.
Attack Vector
The attack is network-based and can be executed without any user interaction or authentication. An attacker crafts a malicious HTTP request to the knowledge upload endpoint, specifying an absolute path in the filename parameter. For example, instead of a simple filename like document.txt, an attacker could supply /etc/cron.d/malicious_job or /var/www/html/shell.php to write files to sensitive locations.
The vulnerability can be exploited by sending a crafted multipart form request to the knowledge upload API where the filename field contains an absolute path instead of a relative filename. This allows the attacker to specify the exact destination on the server's filesystem where the uploaded content will be written. Technical details and proof-of-concept information are available in the Huntr Bounty Report.
Detection Methods for CVE-2024-10833
Indicators of Compromise
- Unexpected files appearing in system directories such as /etc/, /var/www/, or other sensitive locations
- Web server logs showing upload requests with absolute paths or path traversal sequences in filename parameters
- New or modified files with timestamps correlating to suspicious knowledge API upload requests
- Presence of web shells or unauthorized scripts in web-accessible directories
Detection Strategies
- Monitor HTTP requests to the knowledge API endpoint for filename parameters containing absolute paths or ../ traversal sequences
- Implement file integrity monitoring on critical system directories to detect unauthorized file creation or modification
- Deploy web application firewall (WAF) rules to block requests containing path traversal patterns in multipart form data
- Audit access logs for unusual patterns targeting the knowledge upload functionality
Monitoring Recommendations
- Enable detailed logging for all file upload operations in DB-GPT
- Configure alerts for file write operations outside the designated upload directory
- Monitor for creation of executable files (.php, .py, .sh) in unexpected locations
- Implement real-time detection for path traversal patterns in HTTP request parameters
How to Mitigate CVE-2024-10833
Immediate Actions Required
- Restrict network access to DB-GPT instances, limiting exposure to trusted networks only
- Disable the knowledge upload functionality if not critical to operations until a patch is available
- Implement strict input validation at the web server or reverse proxy level to reject requests with absolute paths
- Apply filesystem permissions to limit the DB-GPT process's write capabilities to designated directories only
Patch Information
At the time of publication, users should monitor the official DB-GPT repository for security updates addressing this vulnerability. Organizations running DB-GPT version 0.6.0 should upgrade to the latest version as soon as a patched release becomes available.
Workarounds
- Deploy a reverse proxy with strict input validation rules that reject filename parameters containing / or \ characters
- Run DB-GPT in a containerized environment with limited filesystem write access
- Implement mandatory file extension whitelisting to restrict uploads to specific safe file types
- Configure the application to run with minimal filesystem permissions using a dedicated low-privilege service account
# Example: Restrict filesystem permissions for DB-GPT service
# Create dedicated user with limited permissions
useradd -r -s /bin/false dbgpt-service
# Limit write access to upload directory only
chown -R dbgpt-service:dbgpt-service /opt/dbgpt/uploads
chmod 755 /opt/dbgpt/uploads
# Run service with restricted permissions
systemctl edit dbgpt --force
# Add: User=dbgpt-service
# Add: ReadWritePaths=/opt/dbgpt/uploads
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
