First published: Tue Apr 15 2025
E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the `/backup/import` API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability. Although the application runs as a non-root user (`185`), limiting direct impact on system-level files, this vulnerability can still be exploited to overwrite application files (e.g., JAR libraries) owned by the application user. This overwrite can potentially lead to Remote Code Execution (RCE) within the application's context. This issue has been patched in version 5.5.0.
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix
---|---|---
labsai E.D.D.I | <5.5.0 | Upgrade to 5.5.0 or later
CVE-2025-32779 is categorized as a high-severity vulnerability due to the potential for remote code execution.
To fix CVE-2025-32779, upgrade E.D.D.I to version 5.5.0 or later.
The impact of CVE-2025-32779 is that an attacker can write arbitrary files outside the intended extraction directory, including overwriting application files (such as JAR libraries) owned by the application user, which can lead to remote code execution in the application's context.
E.D.D.I versions prior to 5.5.0 are affected by CVE-2025-32779.
An attacker can exploit CVE-2025-32779 by accessing the `/backup/import` API endpoint and manipulating the zip file extraction process.
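The containment check that is missing in the Zip Slip pattern described above, as an added Python illustration (not E.D.D.I's own Java code; the archive entries, the destination path `/srv/eddi/import` and the function names are constructed for this example): the vulnerable pattern resolves each entry name directly under the destination, while the hardened version canonicalizes the path and refuses any archive containing an entry that escapes.

```python
import io
import os
import zipfile


def build_backup_zip(entries):
    """Build an in-memory zip from {name: bytes} (constructed sample, not a real backup)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)  # entry names are stored verbatim, '../' included
    return buf.getvalue()


def resolved_targets(zip_bytes, dest_dir):
    """Vulnerable pattern: join each entry name onto dest_dir with no containment check."""
    dest = os.path.abspath(dest_dir)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [os.path.abspath(os.path.join(dest, n)) for n in zf.namelist()]


def check_entries(zip_bytes, dest_dir):
    """Hardened check: split entries into (accepted, rejected) by canonical path."""
    dest = os.path.realpath(dest_dir)
    accepted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            target = os.path.realpath(os.path.join(dest, name))
            # commonpath (not startswith) avoids prefix confusion such as /srv/eddi vs /srv/eddi-evil
            if os.path.isabs(name) or os.path.commonpath([dest, target]) != dest:
                rejected.append(name)
            else:
                accepted.append(name)
    return accepted, rejected


def safe_extract(zip_bytes, dest_dir):
    """Refuse the whole archive if any entry escapes; otherwise extract and return the names."""
    accepted, rejected = check_entries(zip_bytes, dest_dir)
    if rejected:
        raise ValueError(f"refusing archive with traversal entries: {rejected}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest_dir, members=accepted)
    return accepted


# Constructed sample: one legitimate entry and one that climbs out of the import directory.
BACKUP = build_backup_zip({"bot/config.json": b"{}", "../../lib/app.jar": b"PK"})
IMPORT_DIR = "/srv/eddi/import"  # assumed destination; the real path is not given on the page
```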