PT-2025-30949 · Dbgate · Dbgate-Plugin-Csv+1

Published

2025-07-26

·

Updated

2025-07-26

·

CVE-2025-50185

CVSS v4.0

8.3

High

Vector AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: DbGate versions 6.6.0 and below
Description: DbGate, a cross-platform database manager, allows unauthorized file access because the dbgate-plugin-csv plugin does not sufficiently validate file paths and file types. A user with application-level access can read the contents of arbitrary files on the host running DbGate, regardless of their location or file type. The plugin does not check the content type or the file extension of a file before reading it, so any file readable by the DbGate process can be returned through the application interface, including sensitive files accessible only to the root user when the process runs with root privileges. The read is triggered by a POST request to the /runners/load-reader API endpoint that invokes the reader@dbgate-plugin-csv function, with the fileName parameter specifying the path of the file to read.
Recommendations: DbGate versions 6.6.0 and below: at the moment, there is no information about a newer version that contains a fix for this vulnerability. Until one is available, limit which accounts can reach the application and run the DbGate process under an unprivileged user so that the set of files it can read is bounded.

Exploit

Weakness Enumeration

Related Identifiers

CVE-2025-50185
GHSA-7X75-FMX7-Q6H9

Affected Products

Dbgate
Dbgate-Plugin-Csv