Deer Flow
Monthly
Path traversal in ByteDance DeerFlow's bootstrap-mode custom-agent creation allows authenticated remote attackers to write arbitrary files outside intended directories. Affected versions prior to commit 2176b2b fail to validate agent names, enabling directory traversal sequences (../) or absolute paths to bypass containment controls. Successful exploitation achieves arbitrary file write subject to application process permissions, enabling configuration tampering, code injection, or denial of service. Vendor patch available via GitHub commit 2176b2b. EPSS data unavailable; not currently listed in CISA KEV. Publicly available exploit code exists (GitHub PR #2274 demonstrates vulnerability).
Path traversal in ByteDance DeerFlow's bootstrap-mode custom-agent creation allows authenticated remote attackers to write arbitrary files outside intended directories. Affected versions prior to commit 2176b2b fail to validate agent names, enabling directory traversal sequences (../) or absolute paths to bypass containment controls. Successful exploitation achieves arbitrary file write subject to application process permissions, enabling configuration tampering, code injection, or denial of service. Vendor patch available via GitHub commit 2176b2b. EPSS data unavailable; not currently listed in CISA KEV. Publicly available exploit code exists (GitHub PR #2274 demonstrates vulnerability).