Eric-A

**Name of the Vulnerable Software and Affected Versions** zhayujie chatgpt-on-wechat versions prior to 2.0.9 **Description** A weakness in the Bash Tool component allows for remote OS command injection. This occurs within the ` get safety warning()` function located in the `agent/tools/bash/bash.py` file. OS command injection is a flaw that allows an attacker to execute arbitrary operating system commands on the server. **Recommendations** Upgrade to version 2.0.9. As a temporary workaround, restrict the use of the ` get safety warning()` function in the Bash Tool component.

**Name of the Vulnerable Software and Affected Versions** AstrBot version 4.23.6 **Description** A remote injection issue exists in the ` sanitize prompt description()` function within the `astrbot/core/skills/skill manager.py` file. This flaw allows an attacker to perform injection attacks remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the ` sanitize prompt description()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** AstrBotDevs AstrBot version 4.23.6 **Description** An issue exists in the ` normalize rw path()` function within the `astrbot/core/tools/computer tools/fs.py` file. This flaw allows for incorrect authorization and can be triggered remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the ` normalize rw path()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** AstrBotDevs AstrBot version 4.24.2 **Description** An authorization bypass exists that can be triggered remotely. The issue occurs within the `astr main agent()` function located in the `astrbot/core/astr main agent.py` file, where manipulation of the `session id` argument allows an attacker to bypass security checks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `astr main agent()` function or monitor the `session id` argument for suspicious manipulation.

**Name of the Vulnerable Software and Affected Versions** AstrBotDevs AstrBot version 4.23.6 **Description** A flaw in the API Endpoint component allows a remote attacker to perform path traversal, which is a technique used to access files and directories that are stored outside the web root folder. This occurs through the manipulation of the `Name` argument within the '/api/skills/delete' endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. Avoid using the `Name` parameter in the '/api/skills/delete' endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** AstrBotDevs AstrBot versions prior to 4.23.6 **Description** A path traversal issue exists in the File Upload Handler component within the `post file()` function of the `astrbot/dashboard/routes/chat.py` file. This occurs when the `filename` argument is manipulated, allowing a remote attacker to perform the attack. **Recommendations** Upgrade to version 4.23.6.

**Name of the Vulnerable Software and Affected Versions** FlowiseAI Flowise versions prior to 3.0.13 **Description** A security flaw in the API Response Handler component allows for remote information disclosure. The issue exists within the `Login()` function located in the `packages/server/src/enterprise/services/account.service.ts` file. This attack is characterized by high complexity and is difficult to exploit. **Recommendations** Upgrade to a version later than 3.0.12. As a temporary workaround, restrict access to the `Login()` function until the update is applied.

**Name of the Vulnerable Software and Affected Versions** FlowiseAI Flowise versions prior to 3.0.13 **Description** A weakness in the User Controller Handler component allows for remote authorization bypass. This occurs through the manipulation of the `userId`, `organizationId`, `workspaceId`, or `email` arguments. **Recommendations** Upgrade the affected component to a version later than 3.0.12.

**Name of the Vulnerable Software and Affected Versions** FlowiseAI Flowise versions prior to 3.0.13 **Description** An issue exists in the 'Endpoint' component within the `verify()` function of the `packages/server/src/enterprise/services/account.service.ts` file. Manipulation of this function can lead to information disclosure. This flaw allows for remote exploitation, although it is characterized by high complexity and difficult exploitability. **Recommendations** Update to a version later than 3.0.12. As a temporary workaround, restrict access to the `verify()` function in the `packages/server/src/enterprise/services/account.service.ts` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** serge-chat versions prior to 1.4TB **Description** A flaw in the Model API Endpoint allows remote attackers to bypass authentication. This issue exists within the `download model` and `delete model` functions located in the 'api/src/serge/routers/model.py' file. Exploitation of this weakness can lead to unauthorized actions, including the deletion of models, and has been observed in real-world incidents. **Recommendations** Update to a version later than 1.4TB. As a temporary workaround, restrict access to the `download model` and `delete model` functions in the Model API Endpoint to minimize the risk of exploitation.