Skip to main content

CowAgent EUVDEUVD-2026-42789

| CVE-2026-15331 MEDIUM
Path Traversal (CWE-22)
2026-07-10 cna@vuldb.com GHSA-c3mj-x5cv-cphr
5.3
CVSS 4.0 · Vendor: vuldb
Share

Severity by source

Vendor (vuldb) PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.4 MEDIUM

Network-reachable skill installer requires low-privilege authentication (PR:L); path traversal enables limited out-of-bounds file writes (I:L) and potential disruption (A:L) with no confidentiality impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 10, 2026 - 06:06 vuln.today

DescriptionCVE.org

A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function _add_url/_add_package of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated remotely. Upgrading to version 2.1.2 is sufficient to fix this issue. The identifier of the patch is e85290cddcbb5ffc9c235927f4c92e5b4c3ec264. It is advisable to upgrade the affected component.

AnalysisAI

Path traversal in zhayujie CowAgent versions up to 2.1.0 allows remote low-privilege authenticated attackers to write files outside the intended skill installation directory by manipulating the Name argument in the Skill Installation Handler. The flaw resides in the _add_url and _add_package functions within agent/skills/service.py, which fail to sanitize path components before constructing filesystem paths during skill installation. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege CowAgent account
Delivery
Call skill installation API endpoint
Exploit
Supply crafted Name with path traversal sequences
Execution
Unsanitized path written outside skills directory
Persist
Write attacker-controlled file to sensitive OS location
Impact
Leverage written file for persistence or privilege escalation

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to possess a valid low-privilege account on the CowAgent instance, as confirmed by PR:L in the CVSS 4.0 vector. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 5.3 (Medium) reflects network accessibility (AV:N), low attack complexity (AC:L), low-privilege authentication requirement (PR:L), and limited integrity and availability impact (VI:L, VA:L) with no confidentiality exposure (VC:N) and no lateral impact on subsequent systems (SC/SI/SA:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with a valid low-privilege CowAgent account submits a skill installation request to the API endpoint backed by `_add_url` or `_add_package`, supplying a crafted `Name` value containing traversal sequences such as `../../etc/cron.d/malicious`. The unsanitized name is used to construct a target path outside the skills directory, writing an attacker-controlled file to a sensitive system location. …
Remediation Upgrade CowAgent to version 2.1.2 or later, which is confirmed by the vendor via the GitHub release at https://github.com/zhayujie/CowAgent/releases/tag/2.1.2. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-42789 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy