Dagu · Dagu · CVE-2026-27598
**Name of the Vulnerable Software and Affected Versions**
Dagu versions up to and including 1.16.7
**Description**
Dagu, a workflow engine, contains a flaw in the `CreateNewDAG` API endpoint (`POST /api/v1/dags`). The endpoint does not properly validate the DAG name before storing it, allowing an authenticated user with DAG write permissions to write arbitrary YAML files to any location on the filesystem that the Dagu process itself can write to. This is due to the lack of validation in the `CreateNewDAG` handler combined with the behavior of the `generateFilePath` function, which resolves names containing path separators instead of rejecting them. Exploitation involves crafting a malicious DAG name, such as `../../tmp/pwned`, to write files outside the intended DAGs directory. Because Dagu executes DAG files as shell commands, this can lead to remote code execution by overwriting configuration files or writing malicious DAGs to other instances. The vulnerable code is located in `internal/service/frontend/api/v1/dags.go` (lines 120-170) and `internal/persis/filedag/store.go` (lines 213 and 493-498). A proof-of-concept (PoC) demonstrates writing a file to `/tmp/path-traversal-proof.yaml` using a crafted request to the `CreateNewDAG` API endpoint.
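The following Go snippet is an added, constructed illustration of the flaw class described above, not Dagu's own `generateFilePath` code: `unsafeFilePath` joins the caller-supplied name directly under the DAGs directory, while `safeFilePath` allow-lists the name and then verifies that the resolved path still lies inside the directory. The directory `/dagu/dags` and the function names are assumptions for the example.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// ErrInvalidDAGName is returned for any name that fails validation.
var ErrInvalidDAGName = errors.New("invalid DAG name")

// unsafeFilePath mirrors the vulnerable pattern: the name is trusted and
// filepath.Join resolves "../" segments, so the file lands outside dagsDir.
func unsafeFilePath(dagsDir, name string) string {
	return filepath.Join(dagsDir, name+".yaml")
}

// validDAGName accepts only a conservative character set with no separators.
var validDAGName = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_.-]*$`)

// safeFilePath validates the name against an allow-list and then confirms
// the resolved target is still inside dagsDir (defence in depth).
func safeFilePath(dagsDir, name string) (string, error) {
	if !validDAGName.MatchString(name) || strings.Contains(name, "..") {
		return "", ErrInvalidDAGName
	}
	base, err := filepath.Abs(dagsDir)
	if err != nil {
		return "", err
	}
	target := filepath.Join(base, name+".yaml")
	rel, err := filepath.Rel(base, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, "..") {
		return "", ErrInvalidDAGName
	}
	return target, nil
}

func main() {
	// Constructed example: the traversal name escapes the DAGs directory.
	fmt.Println(unsafeFilePath("/dagu/dags", "../../tmp/pwned")) // /tmp/pwned.yaml
	_, err := safeFilePath("/dagu/dags", "../../tmp/pwned")
	fmt.Println(err) // invalid DAG name
}
```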
**Recommendations**
Dagu versions prior to 1.16.7 should be updated.