PT-2025-45469 · Unknown · Astrbot Project

Published 2025-11-07 · Updated 2025-12-05 · CVE-2025-57698

CVSS v4.0: 8.7 High
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: AstrBot Project version 3.5.22

Description: The software contains a directory traversal issue. The plugin install upload handler behind the '/plugin/install-upload' interface takes a filename directly from the request body and assigns it to the file path variable without validation. That file path variable is then passed to the file.save function, so a filename containing traversal sequences can cause the uploaded file to be written to arbitrary locations in the file system.

Recommendations: Versions prior to 3.5.22 are affected. Validate the filename received in the request body before assigning it to the file path variable. Sanitize the file path variable so that directory traversal attempts are rejected. Restrict the file.save function to a designated directory to limit where uploaded files can be written.
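The following is an added illustration of the flaw and of the three recommendations above; it is not AstrBot's code and does not reproduce its handler. The upload directory, the allowed `.zip` suffix and the sample filenames are assumptions chosen for the example. `vulnerable_target_path` shows the unvalidated join the advisory describes, `escapes_directory` is the check a reviewer or a test suite can apply to any computed save path, and `safe_target_path` is a hardened replacement that allow-lists the name, enforces the expected file type and confirms the resolved destination stays inside the designated directory.

```python
import os
import re

# Hypothetical designated upload directory; the real AstrBot path is not given in the advisory.
UPLOAD_DIR = "/srv/astrbot/plugins/upload"

# Bare file names only: must start with a letter or digit, then letters, digits, dot,
# underscore or hyphen. No path separators of any kind, so '.', '..', '/x' and '\x' never match.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


def vulnerable_target_path(upload_dir: str, filename: str) -> str:
    """The pattern the advisory describes: the request-supplied name is joined into the
    destination path with no validation. Kept only to show what the checks must catch.
    Note that os.path.join discards upload_dir entirely when filename is absolute."""
    return os.path.join(upload_dir, filename)


def escapes_directory(upload_dir: str, path: str) -> bool:
    """True when `path`, once '..' segments and symlinks are resolved, lies outside upload_dir.
    Suitable as a last-line check before any file.save call or as a unit-test oracle."""
    base = os.path.realpath(upload_dir)
    target = os.path.realpath(path)
    return os.path.commonpath([base, target]) != base


def safe_target_path(upload_dir: str, filename: str, allowed_suffixes=(".zip",)) -> str:
    """Hardened form: allow-list the bare name, enforce the expected suffix (assumed '.zip'
    for plugin archives), then verify containment in the designated directory."""
    if not _SAFE_NAME.fullmatch(filename):
        raise ValueError(f"rejected filename: {filename!r}")
    if not filename.lower().endswith(tuple(allowed_suffixes)):
        raise ValueError(f"unexpected file type: {filename!r}")
    base = os.path.realpath(upload_dir)
    target = os.path.join(base, filename)
    # Defence in depth: the regex already forbids separators, but the containment
    # check stays in place so a later relaxation of the regex cannot silently reopen the hole.
    if escapes_directory(base, target):
        raise ValueError(f"destination outside upload directory: {target!r}")
    return target


if __name__ == "__main__":
    # Constructed sample filenames, as a client might place them in the request body.
    samples = ("weather_plugin.zip", "../../outside/file.zip", "/etc/passwd", "plugin.py")
    for name in samples:
        raw = vulnerable_target_path(UPLOAD_DIR, name)
        print(f"{name!r}: unvalidated save target {raw!r}, escapes={escapes_directory(UPLOAD_DIR, raw)}")
        try:
            print("    hardened:", safe_target_path(UPLOAD_DIR, name))
        except ValueError as err:
            print("    hardened: rejected ->", err)
```

The containment check resolves both sides with `os.path.realpath` before comparing, so a symlink inside the upload directory pointing elsewhere is caught as well as a literal `..` sequence; the allow-list regex is the primary control and the containment check is the safety net.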

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers: CVE-2025-57698, GHSA-XRJ9-MW57-J34V

Affected Products: Astrbot Project