CVE-2024-10835: Arbitrary File Write via SQL Injection in eosphoros-ai/db-gpt
First published: Thu Mar 20 2025(Updated: )
In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE).
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| eosphoros-ai db-gpt |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-10835?
CVE-2024-10835 is considered to be a critical vulnerability due to its potential for arbitrary SQL execution and file write.
How do I fix CVE-2024-10835?
To remediate CVE-2024-10835, implement proper access controls on the affected API endpoint to prevent unauthorized SQL execution.
What systems are affected by CVE-2024-10835?
CVE-2024-10835 affects eosphoros-ai/db-gpt version v0.6.0.
What type of attacks can be performed using CVE-2024-10835?
Attackers can exploit CVE-2024-10835 to execute arbitrary SQL queries, leading to Arbitrary File Write vulnerabilities.
Is there a patch available for CVE-2024-10835?
As of now, there is no official patch for CVE-2024-10835, but it is crucial to implement immediate access control measures.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/source
- agent/tags
- agent/event
- vendor/eosphoros-ai
- canonical/eosphoros-ai db-gpt