CVE-2025-57697
MEDIUMCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Lifecycle Timeline
3Description
AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Since the _encode_image_bs64 function defined in entities.py opens the image specified by the user in the request body and returns the image content as a base64-encoded string without checking the legitimacy of the image path, attackers can construct a series of malicious URLs to read any specified file, resulting in sensitive data leakage.
Analysis
AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical Context
This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Since the _encode_image_bs64 function defined in entities.py opens the image specified by the user in the request body and returns the image content as a base64-encoded string without checking the legitimacy of the image path, attackers can construct a series of malicious URLs to read any specified file, resulting in sensitive data leakage. Affected products include: Astrbot.
Affected Products
Astrbot.
Remediation
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today