Vanna-ai vulnerable to SQL injection, allowing unauthenticated remote users to read arbitrary local files
CVE-2024-5753

7.5HIGH

Key Information:

Vendor: Vanna-ai
Status: Vanna-ai/vanna
Vendor: CVE Published:; 5 July 2024

What is CVE-2024-5753?

The vulnerability in Vanna version 0.3.4 allows for SQL injection attacks through specific file-critical functions, notably pg_read_file(). This weakness enables unauthenticated remote users to execute unauthorized commands that can expose sensitive local files on the server. By taking advantage of improperly sanitized SQL queries via the Python Flask API, attackers could gain access to critical files, such as user password files, leading to potential data breaches and serious security risks.

Affected Version(s)

vanna-ai/vanna <= unspecified

References

https://huntr.com/bounties/a3f913d6-c717-4528-b974-26d8d9...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 5, 2024