CVE-2025-6210
BaseFortify
Publication date: 2025-07-07
Last updated on: 2025-07-30
Assigner: huntr.dev
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| llamaindex | llamaindex | up to 0.5.2 (exclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the ObsidianReader class of the run-llama/llama_index repository (version 0.12.27). It allows attackers to perform a hardlink-based path traversal attack by exploiting inadequate handling of hardlinks in the load_data() method. Specifically, the security checks fail to distinguish between real files and hardlinks, enabling attackers to bypass path restrictions and access sensitive system files like /etc/passwd. [1]
How can this vulnerability impact me?
The vulnerability can allow an attacker to bypass file path restrictions and access sensitive system files on the affected system. This unauthorized access could lead to exposure of critical information such as user account details stored in files like /etc/passwd, potentially compromising system security. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect potential exploitation of this vulnerability by checking for hardlinked files that the ObsidianReader might process. Since the vulnerability involves hardlink-based path traversal, inspecting files with multiple hardlinks is key. On a Unix-like system, you can use the command `find /path/to/obsidian/vault -type f -links +1 -exec ls -l {} \;` to list files with more than one hardlink. Additionally, monitoring logs for warnings about skipped hardlinked files from a patched ObsidianReader can help detect attempts to exploit this issue. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation is to upgrade the llama_index package to version 0.5.2 or later, where the vulnerability is fixed by adding a check to detect and skip hardlinked files in the ObsidianReader's load_data method. This prevents processing of malicious hardlinks that could lead to path traversal. Until the upgrade, avoid processing untrusted files with the ObsidianReader and consider restricting file permissions to limit exposure. [1]
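Added example (not llama_index's own code) of the kind of check the detection and mitigation answers describe: walk a vault directory, skip symlinks and anything that resolves outside the vault root, and skip any regular file whose link count is above one, which is the same condition `find -links +1` reports. The sample vault, the note names and the outside `secret.txt` standing in for /etc/passwd are constructed for the demo.

```python
import os
import tempfile
from pathlib import Path

def collect_vault_files(vault_root):
    """Walk vault_root; return (accepted relative paths, [(path, reason)] skipped).

    A hardlink to /etc/passwd created inside the vault passes a plain
    "is this path under the vault root?" test, because its path really is
    under the vault. The inode link count (st_nlink > 1) is the signal that
    the same inode is also reachable from elsewhere, so such files are skipped.
    """
    root = Path(vault_root).resolve()
    accepted, skipped = [], []
    for dirpath, dirnames, filenames in os.walk(root):
        # do not descend into symlinked directories
        dirnames[:] = [d for d in dirnames if not Path(dirpath, d).is_symlink()]
        for name in filenames:
            p = Path(dirpath, name)
            rel = str(p.relative_to(root))
            if p.is_symlink():
                skipped.append((rel, "symlink"))
                continue
            if root not in p.resolve().parents:
                skipped.append((rel, "resolves outside vault"))
                continue
            nlink = p.stat().st_nlink
            if nlink > 1:
                skipped.append((rel, f"hardlink (st_nlink={nlink})"))
                continue
            accepted.append(rel)
    return accepted, skipped

def build_demo_vault(base=None):
    """Constructed sample: one clean note, one hardlink to a file outside the
    vault and one symlink to the same file. Returns the vault path."""
    base = Path(base or tempfile.mkdtemp())
    vault, outside = base / "vault", base / "outside"
    vault.mkdir(); outside.mkdir()
    (vault / "a.md").write_text("# clean note\n")
    secret = outside / "secret.txt"            # stands in for /etc/passwd
    secret.write_text("root:x:0:0:root:/root:/bin/sh\n")
    os.link(secret, vault / "leak.md")         # hardlink: path is inside the vault
    os.symlink(secret, vault / "link.md")      # symlink: easy case, also skipped
    return str(vault)

if __name__ == "__main__":
    acc, skip = collect_vault_files(build_demo_vault())
    print("accepted:", acc); print("skipped:", skip)
```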