CVE-2024-47171

Name of the Vulnerable Software and Affected Versions Agnai versions prior to 1.0.330

Description A vulnerability in Agnai permits attackers to upload image files at attacker-chosen locations on the server. This issue can lead to image file uploads to unauthorized or unintended directories, including overwriting of existing images which may be used for defacement. The vulnerability does not affect agnai.chat, installations using S3-compatible storage, or self-hosting that is not publicly exposed. The issue is a path traversal vulnerability, where an attacker can exploit it by sending a specially crafted request to the editCharacter handler, allowing them to manipulate the path where the file is uploaded to. The id variable is string interpolated into filename without path normalization, enabling attackers to freely manipulate the upload path.

Recommendations For versions prior to 1.0.330, update to version 1.0.330 to fix the vulnerability. As a temporary workaround, consider restricting access to the entityUpload function or disabling the upload functionality until a patch is available. Additionally, restrict access to the /api/character/ endpoint to minimize the risk of exploitation.