Remote Code Execution Vulnerability in DocsGPT by Arc53
CVE-2025-0868
What is CVE-2025-0868?
CVE-2025-0868 is a severe remote code execution vulnerability found in DocsGPT, developed by Arc53. DocsGPT is designed to facilitate document generation through natural language processing, allowing users to streamline their documentation processes. However, this vulnerability stems from improper parsing of JSON data, particularly through the insecure use of the eval() function. As a result, attackers could exploit this flaw by sending arbitrary Python code, potentially compromising the entire application and leading to unauthorized access and control over organizational data and systems.
Technical Details
The vulnerability affects DocsGPT versions ranging from 0.8.1 to 0.12.0. It leverages a weakness in the API endpoint designated for remote execution, specifically the /api/remote endpoint, where improper handling of user input enables malicious actors to execute arbitrary code. The flawed implementation in the parsing logic permits JSON data to be maliciously crafted, making it a significant entry point for exploitation.
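The weakness described above, eval() applied to a request body in place of a JSON parser, is shown here beside a hardened parse. This is an added illustration, not DocsGPT's code; the function names, the `url` field and the sample bodies are assumptions constructed for the example.

```python
import json

# Constructed marker that a request body should never be able to touch.
SIDE_EFFECTS = []

def parse_unsafe(raw: str):
    """Vulnerable pattern: eval() runs the body as a Python expression."""
    return eval(raw)  # the weakness the advisory describes; never use on untrusted input

def parse_safe(raw: str, required=("url",)):
    """Hardened pattern: json.loads() only builds data, then the shape is checked."""
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError(f"body is not valid JSON: {exc.msg}") from None
    if not isinstance(data, dict):
        raise ValueError("body must be a JSON object")
    for key in required:  # hypothetical schema: each required field is a string
        if not isinstance(data.get(key), str):
            raise ValueError(f"field {key!r} must be a string")
    return data

# Constructed sample inputs (not taken from the advisory).
BENIGN = '{"url": "https://example.com/docs"}'
# A Python expression, not JSON: evaluating it appends to SIDE_EFFECTS.
NOT_JSON = '{"url": SIDE_EFFECTS.append("code ran") or "x"}'

def demo():
    results = {}
    # eval() accepts both bodies; the second one executes code while "parsing".
    results["unsafe_benign"] = parse_unsafe(BENIGN)
    results["unsafe_crafted"] = parse_unsafe(NOT_JSON)
    results["side_effects_after_eval"] = list(SIDE_EFFECTS)
    # The JSON parser rejects the expression before anything is evaluated.
    try:
        parse_safe(NOT_JSON)
        results["safe_crafted"] = "accepted"
    except ValueError as exc:
        results["safe_crafted"] = f"rejected: {exc}"
    results["safe_benign"] = parse_safe(BENIGN)
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

When auditing a code base for this pattern, any eval() or exec() call whose argument is derived from a request body, header or query string deserves the same treatment.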
Potential impact of CVE-2025-0868
- Remote Code Execution: The primary consequence of this vulnerability is the potential for unauthorized remote code execution, enabling attackers to run malicious code on the affected server, which could lead to system compromise.
- Data Breaches: Exploitation of this vulnerability can lead to unauthorized access to sensitive data stored within the application, resulting in potential data leaks and breaches that can severely damage an organization's reputation and financial standing.
- Compromised System Integrity: With remote code execution capabilities, adversaries could overwrite or manipulate critical application components, leading to further exploitation, system instability, and even the possibility of deploying additional malware like ransomware within the network.
Affected Version(s)
DocsGPT 0.8.1 <= 0.12.0
News Articles

CVE-2025-0868 Impact, Exploitability, and Mitigation Steps | Wiz
Understand the critical aspects of CVE-2025-0868 with a detailed vulnerability assessment, exploitation potential, affected technologies, and remediation guidance.
3 weeks ago
EPSS Score
21% chance of being exploited in the next 30 days.
Timeline
- First article discovered by wiz.io
- Exploit known to exist
- Vulnerability published
- Vulnerability Reserved