CVE-2025-67506
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
PipesHub is a fully extensible workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta expose POST /api/v1/record/buffer/convert without authentication. The endpoint accepts a file upload and converts it to PDF via LibreOffice, writing the uploaded payload to os.path.join(tmpdir, file.filename) without normalizing the filename. An attacker can submit a crafted filename containing ../ sequences to write arbitrary files anywhere the service account has permission, enabling remote file overwrite or planting malicious code. This issue is fixed in version 0.1.0-beta.
Analysis
A critical authentication bypass and path traversal vulnerability in PipesHub AI platform allows unauthenticated remote attackers to upload files with directory traversal sequences, enabling arbitrary file writes anywhere the service account has permissions. This vulnerability affects PipesHub versions prior to 0.1.0-beta and has a publicly available proof-of-concept exploit, making it an immediate priority for organizations using this enterprise search and workflow automation platform. With a CVSS score of 9.8 and the ability to plant malicious code or overwrite critical files, this represents a severe risk to affected systems.
Technical Context
The vulnerability exists in the POST /api/v1/record/buffer/convert endpoint of PipesHub, an extensible workplace AI platform, where missing authentication checks allow unauthenticated access to file conversion functionality that uses LibreOffice. The affected versions include PipesHub 0.1.0-alpha, 0.1.2-alpha, and 0.1.3-alpha as confirmed by CPE entries (cpe:2.3:a:pipeshub:pipeshub:0.1.0:alpha:*:*:*:*:*:*, cpe:2.3:a:pipeshub:pipeshub:0.1.2:alpha:*:*:*:*:*:*, cpe:2.3:a:pipeshub:pipeshub:0.1.3:alpha:*:*:*:*:*:*). This is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), where the application fails to properly sanitize user-supplied filenames containing ../ sequences before using them in file system operations via os.path.join(tmpdir, file.filename).
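The unsafe join described above, shown beside a hardened form, as an added example: it is not PipesHub's code and not the fix in the referenced commit, and the function names and sample filenames are constructed for illustration. It also covers absolute filenames, for which os.path.join discards tmpdir entirely.

```python
import os
import tempfile


def vulnerable_dest(tmpdir: str, filename: str) -> str:
    """The pattern the advisory describes: join without normalizing."""
    return os.path.join(tmpdir, filename)


def escapes(tmpdir: str, dest: str) -> bool:
    """True if dest resolves to a location outside tmpdir."""
    root = os.path.realpath(tmpdir)
    return os.path.commonpath([root, os.path.realpath(dest)]) != root


def safe_dest(tmpdir: str, filename: str) -> str:
    """Hardened variant (an assumption, not the project's fix):
    keep only the final path component, then verify containment."""
    # Treat backslashes as separators too, so Windows-style names are reduced.
    name = os.path.basename(filename.replace("\\", "/"))
    if name in ("", ".", "..") or "\x00" in name:
        raise ValueError(f"rejected filename: {filename!r}")
    dest = os.path.join(tmpdir, name)
    if escapes(tmpdir, dest):  # defence in depth, e.g. an entry that is a symlink
        raise ValueError(f"rejected filename: {filename!r}")
    return dest


def audit(names):
    """Return {name: (vulnerable_join_escapes, hardened_name_or_None)}."""
    out = {}
    with tempfile.TemporaryDirectory() as tmpdir:
        for n in names:
            try:
                safe = os.path.relpath(safe_dest(tmpdir, n), tmpdir)
            except ValueError:
                safe = None
            out[n] = (escapes(tmpdir, vulnerable_dest(tmpdir, n)), safe)
    return out


# Constructed sample filenames, not taken from any real request.
SAMPLES = ["report.docx", "../../outside.txt", "/abs/outside.txt", "..", "a/../../b.txt"]

if __name__ == "__main__":
    for name, (bad, safe) in audit(SAMPLES).items():
        print(f"{name!r:24} vulnerable join escapes={bad!s:5} hardened -> {safe}")
```

The same escapes() check can be run over filenames recorded in upload logs to flag requests whose destination would have resolved outside the temporary directory.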
Affected Products
PipesHub AI platform versions prior to 0.1.0-beta are vulnerable, specifically including versions 0.1.0-alpha, 0.1.2-alpha, and 0.1.3-alpha as identified through CPE entries (cpe:2.3:a:pipeshub:pipeshub:0.1.0:alpha:*:*:*:*:*:*, cpe:2.3:a:pipeshub:pipeshub:0.1.2:alpha:*:*:*:*:*:*, cpe:2.3:a:pipeshub:pipeshub:0.1.3:alpha:*:*:*:*:*:*). The vulnerability has been confirmed and documented in GitHub Security Advisory GHSA-w398-9m55-2357 available at https://github.com/pipeshub-ai/pipeshub-ai/security/advisories/GHSA-w398-9m55-2357.
Remediation
Immediately upgrade PipesHub to version 0.1.0-beta or later, which contains the fix for this vulnerability as documented in commit 987ebab40a1fc39956730ed93220f7f9b2c4e5f8 (https://github.com/pipeshub-ai/pipeshub-ai/commit/987ebab40a1fc39956730ed93220f7f9b2c4e5f8). Until patching is possible, implement network-level access controls to restrict access to the /api/v1/record/buffer/convert endpoint to trusted IP addresses only, and consider temporarily disabling the file conversion functionality if not critical to operations. Organizations should also review file system permissions for the service account running PipesHub to limit potential damage from arbitrary file writes and monitor for suspicious file uploads or unexpected file modifications in system directories.