Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Unauthenticated single-request upload to a network endpoint gives AV:N/AC:L/PR:N/UI:N; arbitrary write/delete is I:H/A:H with no file read, so C:N.
Primary rating from Vendor (VulnCheck).
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
OpenBMB ChatDev through 2.2.0, fixed in commit 4fd4da6, contains a path traversal vulnerability that allows unauthenticated remote attackers to write or delete arbitrary files by supplying a malicious multipart filename in the file upload endpoint. Attackers can send a crafted filename containing path traversal sequences or an absolute path to the POST uploads session endpoint, which constructs the destination path without sanitization in save_upload_file, causing file write and cleanup operations to target attacker-chosen paths on the server filesystem.
AnalysisAI
Arbitrary file write and delete in OpenBMB ChatDev through 2.2.0 lets unauthenticated remote attackers control destination paths on the server by abusing the multipart filename in the upload session endpoint. Because save_upload_file joins the attacker-supplied filename onto the temp directory without sanitization, a traversal or absolute-path filename redirects both the write and the subsequent cleanup unlink to arbitrary host locations. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network access to ChatDev's file upload endpoint - specifically the POST uploads session endpoint - and the ability to send a multipart request with an attacker-chosen filename containing path traversal sequences ('../') or an absolute path; per AV:N/AC:L/PR:N/UI:N this works against an exposed instance with no authentication and no user interaction. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Signals are mostly consistent and point to a genuine priority rather than an inflated-CVSS issue. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can reach an exposed ChatDev instance sends a POST request to the uploads session endpoint with a multipart filename like '../../../../etc/cron.d/payload', writing an attacker-controlled file outside the temp directory; because AV:N/AC:L/PR:N/UI:N, this needs no authentication, no user interaction, and only a single crafted request. Dropping a file into a cron directory or overwriting application code can escalate to server-side code execution, while the traversal-aware cleanup can instead be abused to delete arbitrary files and disrupt the service. … |
| Remediation | Upgrade to a ChatDev build that includes the fix commit 4fd4da603801766b14ad8788649cfc1ad21f99a6 (merged via PR https://github.com/OpenBMB/ChatDev/pull/641); since the upstream fix is a tagged commit/PR rather than a clearly named release, treat 'Upstream fix available (commit/PR); released patched version not independently confirmed' and pin to or beyond that commit. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all OpenBMB ChatDev deployments running version 2.2.0 or earlier; implement network-level restrictions on the file upload endpoint if immediate patching is not feasible. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40373
GHSA-hh77-fhmp-pqfv