CVE-2025-6282
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-06-19
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function create_upload_file of the file backend/api/file.py. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The reported GitHub issue was closed automatically with the label "not planned" by a bot.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xlang | openagents | to 2024-11-18 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a path traversal issue found in the create_upload_file function of the backend/api/file.py file in xlang-ai OpenAgents. It allows an attacker to manipulate file paths, potentially accessing or modifying files outside the intended directory.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access or modification of files on the system, which may compromise data integrity, confidentiality, or availability. This could result in data breaches or system disruptions.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70