CVE-2025-6167
BaseFortify
Publication date: 2025-06-17
Last updated on: 2025-07-02
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| themanojdesai | python_a2a | up to and including 0.5.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6167 is a path traversal (CWE-22) vulnerability in the python-a2a package, versions up to and including 0.5.5, in the create_workflow function of api.py. The function builds the on-disk file name for a new workflow from the 'id' field of the JSON document submitted by the client without validating it. An 'id' containing traversal sequences such as '../' therefore resolves to a location outside the intended workflows directory, and the workflow contents are written there instead. Anyone who can reach the workflow-creation endpoint can write files to any location the python-a2a process has permission to write. [1, 2, 3]
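To make the bug class concrete, the following added example (written for this page, not code from the python-a2a project) contrasts a hypothetical workflow-saving handler that joins the client-supplied 'id' straight onto the workflows directory, as the description above says create_workflow does, with a hardened version that allow-lists the id and confirms the resolved path stays inside the directory. The function names, the temporary directory layout and the sample payload are all constructed for the illustration.

```python
# Added illustration of the CVE-2025-6167 bug class; not python-a2a's own code.
import json
import re
import tempfile
from pathlib import Path

# Only plain identifier characters; no separators, no dots, so "../" cannot appear.
SAFE_ID = re.compile(r"[A-Za-z0-9_-]{1,64}")


def save_workflow_vulnerable(base_dir: Path, workflow: dict) -> Path:
    """Unsafe pattern: client-controlled id becomes part of the file name unchecked."""
    target = base_dir / workflow["id"]          # "../escaped" leaves base_dir
    target.write_text(json.dumps(workflow))
    return target


def is_safe_workflow_id(wf_id) -> bool:
    """Allow-list check used by the hardened handler."""
    return isinstance(wf_id, str) and SAFE_ID.fullmatch(wf_id) is not None


def save_workflow_safe(base_dir: Path, workflow: dict) -> Path:
    """Hardened handler: validate the id, then verify the resolved path is inside base_dir."""
    wf_id = workflow.get("id")
    if not is_safe_workflow_id(wf_id):
        raise ValueError("invalid workflow id")
    base = base_dir.resolve()
    target = (base / wf_id).resolve()
    # Defence in depth: even with the allow-list, confirm the final path is a direct child of base.
    if target.parent != base:
        raise ValueError("path escapes workflows directory")
    target.write_text(json.dumps(workflow))
    return target


def demo() -> dict:
    """Run both handlers against a traversal payload in a throwaway directory."""
    root = Path(tempfile.mkdtemp())              # constructed stand-in for ~/.agent_flow
    workflows = root / "workflows"
    workflows.mkdir()
    payload = {"id": "../escaped", "name": "pwn"}   # constructed attacker payload

    save_workflow_vulnerable(workflows, payload)
    escaped = (root / "escaped").exists()        # file landed next to, not inside, workflows/

    try:
        save_workflow_safe(workflows, payload)
        blocked = False
    except ValueError:
        blocked = True

    good = save_workflow_safe(workflows, {"id": "deploy-v2"})
    return {
        "escaped": escaped,                       # True: vulnerable handler wrote outside
        "blocked": blocked,                       # True: hardened handler refused the id
        "inside": good.parent == workflows.resolve(),  # True: benign id stays in place
    }


if __name__ == "__main__":
    print(demo())
```

The allow-list is the primary control; the resolved-path comparison is there so that a future relaxation of the regex (for example allowing dots) cannot silently reintroduce the traversal.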
How can this vulnerability impact me?
An attacker who can reach the workflow-creation endpoint can write or overwrite files anywhere the python-a2a process has write permission. Depending on where the service runs and as which user, that can mean corrupting or replacing application data, overwriting configuration or startup files, or planting files that lead to further compromise of the host. The impact therefore spans confidentiality, integrity and availability, and is bounded mainly by the filesystem permissions of the process rather than by the application itself. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Exploitation attempts show up as POST requests to the /api/workflows endpoint whose JSON body carries an 'id' field containing traversal sequences such as '../'. If the service is reached over plain HTTP, you can capture that traffic with tcpdump or Wireshark and filter for POST requests to /api/workflows; over TLS the request body is not visible on the wire, so inspect the bodies at a reverse proxy or WAF that logs them, or in the application's own logs. On the server itself, look for unexpected or recently modified files outside the intended workflows directory (for example in the parents of ~/.agent_flow/workflows), which is where a successful traversal would have left them. A sample request to confirm whether an instance is affected is:

```
curl -X POST http://<target>/api/workflows -H 'Content-Type: application/json' -d '{"id": "../test"}'
```

If the workflow file is created outside the workflows directory, the instance is vulnerable. Note that this request writes a file on the target, so run it only against systems you are authorized to test. [3]
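The request-level detection above can be scripted. The following added example (not from the original page or the python-a2a project) runs over a constructed capture of requests, as a logging proxy or WAF would record them, and flags POSTs to /api/workflows whose 'id' decodes to a traversal. It also handles percent-encoded and backslash variants, which go beyond the literal '../' the page mentions; the sample records and the tuple layout are assumptions made for the illustration.

```python
# Added detection example for CVE-2025-6167 exploitation attempts; not the project's code.
import json
from urllib.parse import unquote

# Constructed sample capture: (method, path, body) as a body-logging proxy might record them.
SAMPLE_REQUESTS = [
    ("POST", "/api/workflows", '{"id": "nightly-build", "name": "ok"}'),
    ("POST", "/api/workflows", '{"id": "../test"}'),
    ("POST", "/api/workflows", '{"id": "..%2F..%2Fetc%2Fcron.d%2Fjob"}'),
    ("POST", "/api/workflows", '{"id": "..\\\\..\\\\win"}'),
    ("GET",  "/api/workflows", ""),
    ("POST", "/api/workflows", '{"id": "/tmp/abs"}'),
    ("POST", "/api/other", '{"id": "../test"}'),
]


def traversal_in_id(wf_id: str) -> bool:
    """True if the id would escape a directory it is joined onto."""
    # Decode twice to catch double-encoded "%252e", then treat backslashes as separators.
    decoded = unquote(unquote(wf_id)).replace("\\", "/")
    parts = decoded.split("/")
    # ".." as a whole path component, an absolute path, or a NUL byte are all hostile.
    return ".." in parts or decoded.startswith("/") or "\x00" in decoded


def suspicious_workflow_requests(requests):
    """Return the raw 'id' values of workflow-creation requests that attempt traversal."""
    hits = []
    for method, path, body in requests:
        if method != "POST" or path.rstrip("/") != "/api/workflows":
            continue
        try:
            wf_id = json.loads(body).get("id")
        except (ValueError, AttributeError):   # not JSON, or JSON that is not an object
            continue
        if isinstance(wf_id, str) and traversal_in_id(wf_id):
            hits.append(wf_id)
    return hits


if __name__ == "__main__":
    for wf_id in suspicious_workflow_requests(SAMPLE_REQUESTS):
        print("traversal attempt in workflow id:", wf_id)
```

Treat any hit as an exploitation attempt and check the filesystem outside the workflows directory for files that match the decoded id; the request having reached the application means the vulnerable code path was exercised if the instance was unpatched.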
What immediate steps should I take to mitigate this vulnerability?
Upgrade python-a2a to version 0.5.6 or later, which addresses the path traversal. Until the upgrade is in place, restrict access to the /api/workflows endpoint to trusted users (for example behind authentication or a network allow-list), and monitor workflow-creation requests for 'id' values containing traversal sequences. If you control the deployment, add strict validation of the 'id' field (an allow-list of identifier characters, with no path separators or dots) and run the service as a low-privilege user whose write access is confined to its own data directory, so that any remaining file write cannot reach sensitive locations. If you find evidence that the traversal was exploited, treat the host as potentially compromised, since an arbitrary file write can be used for further attacks. [1, 2, 3]