Miggo Logo
Miggo Vulnerability Database
CVE-2024-45190

CVE-2024-45190: Mage AI Path Traversal vulnerability

6.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2024-45190
GHSA ID
GHSA-4mrc-w7jh-hx4j
EPSS Score
0.11963%
CWE
CWE-35
Published
8/23/2024
Updated
8/23/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
mage-aipip<= 0.9.73

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability manifests in the pipeline interaction endpoint (/api/pipelines/{pipeline_id}/interaction/{path}). The PoC shows path traversal via URL-encoded '../' sequences in the interaction path parameter. This suggests the handler function processing this endpoint likely: 1. Accepts user-controlled path input 2. Fails to properly sanitize path traversal sequences 3. Uses this input to construct filesystem paths. In Python web frameworks, this would typically map to a GET handler method in a route controller. The medium confidence reflects the lack of direct code evidence, but the endpoint structure and vulnerability pattern strongly indicate the interaction handler's path parameter processing is flawed.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

M*** *I *llows r*mot* us*rs wit* t** "Vi*w*r" rol* to l**k *r*itr*ry *il*s *rom t** M*** s*rv*r *u* to * p*t* tr*v*rs*l in t** "Pip*lin* Int*r**tion" r*qu*st

Reasoning

T** vuln*r**ility m*ni**sts in t** pip*lin* int*r**tion *n*point (/*pi/pip*lin*s/{pip*lin*_i*}/int*r**tion/{p*t*}). T** Po* s*ows p*t* tr*v*rs*l vi* URL-*n*o*** '../' s*qu*n**s in t** int*r**tion p*t* p*r*m*t*r. T*is su***sts t** **n*l*r `*un*tion` p