Miggo Logo
Miggo Vulnerability Database
CVE-2024-8865

CVE-2024-8865: Composio Path Traversal vulnerability

3.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2024-8865
GHSA ID
GHSA-66r2-xm28-74w9
EPSS Score
0.59051%
CWE
CWE-22
Published
9/16/2024
Updated
9/17/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
composio-corepip<= 0.5.8

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability disclosure explicitly references the 'path' function in composio/server/api.py handling the 'file' argument. Analysis of the linked code shows the '_download_file_or_dir' endpoint (line 255) takes a 'file' parameter and uses it to construct Path() objects without validation. There is no check for directory traversal sequences or path normalization, enabling attackers to access arbitrary files by submitting paths like '../../etc/passwd'. The combination of direct user input usage in filesystem operations and lack of sanitization matches classic path traversal patterns.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* vuln*r**ility w*s *oun* in *omposio*q *omposio up to *.*.* *n* *l*ssi*i** *s pro*l*m*ti*. *****t** *y t*is issu* is t** *un*tion p*t* o* t** *il* *omposio\s*rv*r\*pi.py. T** m*nipul*tion o* t** *r*um*nt *il* l***s to p*t* tr*v*rs*l. T** *xploit **s

Reasoning

T** vuln*r**ility *is*losur* *xpli*itly r***r*n**s t** 'p*t*' *un*tion in *omposio/s*rv*r/*pi.py **n*lin* t** '*il*' *r*um*nt. *n*lysis o* t** link** *o** s*ows t** '_*ownlo**_*il*_or_*ir' *n*point (lin* ***) t*k*s * '*il*' p*r*m*t*r *n* us*s it to *