EUVD-2025-16634

CVE-2025-48957 | Severity: HIGH | CVSS 3.1 base score: 7.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality: High
- Integrity: None
- Availability: None

Lifecycle Timeline

- EUVD ID Assigned (EUVD-2025-16634): Mar 14, 2026 - 16:47 (source: euvd)
- Analysis Generated: Mar 14, 2026 - 16:47 (source: vuln.today)
- Patch Released (patch available): Mar 14, 2026 - 16:47 (source: nvd)
- PoC Detected (public exploit code): Jun 25, 2025 - 17:39 (source: vuln.today)
- CVE Published: Jun 02, 2025 - 12:15 (source: nvd)

Description

AstrBot is a large language model chatbot and development framework. A path traversal vulnerability present in versions 3.4.4 through 3.5.12 may lead to information disclosure, such as API keys for LLM providers, account passwords, and other sensitive data. The vulnerability has been addressed in Pull Request #1676 and is included in version 3.5.13. As a temporary workaround, users can edit the `cmd_config.json` file to disable the dashboard feature. However, it is strongly recommended to upgrade to version v3.5.13 or later to fully resolve this issue.

Analysis

AstrBot versions 3.4.4 through 3.5.12 contain a path traversal vulnerability (CWE-23) in the dashboard feature that allows unauthenticated remote attackers to disclose sensitive information including LLM provider API keys, account passwords, and other confidential data. The vulnerability has a CVSS score of 7.5 (High) with high confidentiality impact and no authentication requirements. Patch is available in version 3.5.13 and later via Pull Request #1676.

Technical Context

The vulnerability exists in AstrBot's web dashboard component and stems from improper input validation on file path parameters (CWE-23: Relative Path Traversal). The dashboard feature fails to properly sanitize or restrict user-supplied path inputs, allowing attackers to traverse the filesystem using relative path sequences (e.g., '../../../') to access files outside the intended directory. AstrBot stores sensitive configuration data including API credentials in configuration files (cmd_config.json and related configuration stores) within the application directory. The path traversal flaw permits direct access to these files through HTTP requests without authentication. The vulnerability affects the LLM chatbot framework across multiple minor versions, impacting both the core framework and any deployments using the vulnerable dashboard feature.

Affected Products

- Product: AstrBot
- Vendor: AstrBot Contributors
- Affected versions: 3.4.4 through 3.5.12
- Vulnerable component: Dashboard feature (cmd_config.json handling)
- Fixed version: 3.5.13 and later
- Fix reference: Pull Request #1676

Remediation

Upgrade to AstrBot version 3.5.13 or later (priority: IMMEDIATE). The vulnerability is fully resolved in version 3.5.13; the fix is Pull Request #1676.

Temporary workaround: disable the dashboard feature (priority: HIGH, if the upgrade is delayed).

- Edit the cmd_config.json configuration file
- Set the dashboard feature to disabled/false
- Restart the AstrBot service
- Verify the dashboard is no longer accessible

Limitations: this workaround removes dashboard functionality but does not patch the underlying vulnerability. It is suitable only as a temporary measure pending upgrade.

Network mitigation: restrict dashboard access (priority: MEDIUM, supplementary control).

- Implement network-level access controls to restrict the dashboard ports
- Use firewall rules to limit access to trusted internal networks only
- Consider placing AstrBot behind a WAF with path traversal detection
- Implement IP allowlisting where applicable

Detection and response: monitor for exploitation attempts (priority: MEDIUM).

- Review access logs for path traversal patterns (../ sequences, including URL-encoded forms)
- Monitor file access logs for unexpected reads of cmd_config.json and other sensitive files
- Rotate all stored API keys and passwords immediately if a breach is suspected
- Review audit logs for unauthorized configuration access
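The two defensive controls this record describes, a path check that keeps dashboard file requests inside the intended directory (the class of fix for CWE-23) and a review of access logs for traversal sequences, as an added example. This is not AstrBot's code and not the fix from Pull Request #1676; `DASHBOARD_ROOT`, the function names, the combined-log line format and the sample log lines are constructed assumptions for illustration.

```python
import re
from pathlib import Path
from typing import List, Optional, Tuple
from urllib.parse import unquote

# Hypothetical static root served by a dashboard (assumption, not AstrBot's layout).
DASHBOARD_ROOT = Path("/srv/astrbot/dashboard/dist")


def resolve_under_root(root: Path, requested: str) -> Optional[Path]:
    """Return the absolute path for `requested` only if it stays inside `root`.

    The containment check runs on the fully resolved path after URL-decoding,
    so plain, encoded and double-encoded '..' sequences are all normalised
    before comparison. Anything that would escape `root` yields None.
    """
    # Decode twice so %252e%252e (double-encoded '..') is handled as well.
    decoded = unquote(unquote(requested))
    # Embedded NUL bytes can truncate paths in lower-level file APIs: reject.
    if "\x00" in decoded:
        return None
    # Join relative to root even when the client sends a leading '/'.
    candidate = (root / decoded.lstrip("/")).resolve()
    try:
        candidate.relative_to(root.resolve())
    except ValueError:
        # Resolved path is outside the root: traversal attempt.
        return None
    return candidate


# Matches '..' in plain, encoded or double-encoded form followed by a separator.
TRAVERSAL_RE = re.compile(
    r"(?:\.\.|%2e%2e|%252e%252e)(?:/|\\|%2f|%5c)", re.IGNORECASE
)
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+)')


def find_traversal_attempts(log_lines: List[str]) -> List[Tuple[int, str]]:
    """Return (line_number, request_path) for each log line whose request
    path contains a traversal sequence, checking both the raw and decoded path."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        path = m.group(1)
        if TRAVERSAL_RE.search(path) or TRAVERSAL_RE.search(unquote(unquote(path))):
            hits.append((n, path))
    return hits


# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [02/Jun/2025:12:20:01 +0000] "GET /dashboard/index.html HTTP/1.1" 200 1024',
    '198.51.100.7 - - [02/Jun/2025:12:20:05 +0000] "GET /dashboard/../../cmd_config.json HTTP/1.1" 200 5123',
    '198.51.100.7 - - [02/Jun/2025:12:20:09 +0000] "GET /dashboard/%2e%2e/%2e%2e/data/cmd_config.json HTTP/1.1" 200 5123',
    '10.0.0.8 - - [02/Jun/2025:12:21:00 +0000] "POST /api/chat HTTP/1.1" 200 88',
]


if __name__ == "__main__":
    for req in ("index.html", "../../../../etc/passwd", "%2e%2e/%2e%2e/cmd_config.json"):
        print(f"{req!r:45} -> {resolve_under_root(DASHBOARD_ROOT, req)}")
    for lineno, path in find_traversal_attempts(SAMPLE_LOG):
        print(f"line {lineno}: traversal sequence in request path {path}")
```

The containment check compares resolved paths rather than looking for the substring `..`, because a substring filter misses encoded variants and rejects legitimate names such as `notes..txt`; the log scanner, by contrast, deliberately matches the encoded forms too, since a 200 response on such a request is exactly the signal a responder wants to see before rotating the keys stored in cmd_config.json.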

Priority Score

Score: 58 (scale: Low / Medium / High / Critical)

- KEV: 0
- EPSS: +0.3
- CVSS: +38
- POC: +20


EUVD-2025-16634 vulnerability details – vuln.today
