PT-2026-21813 · Dagu · Dagu

Lowyottahmd · Published 2026-02-24 · Updated 2026-03-24 · CVE-2026-27598

CVSS v4.0: 7.1 High

Vector: AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions

Dagu versions up to and including 1.16.7

Description

Dagu, a workflow engine, contains a flaw in the CreateNewDAG API endpoint (POST /api/v1/dags). The endpoint does not properly validate the DAG name before storing it, allowing an authenticated user with DAG write permissions to write arbitrary YAML files to potentially any location on the filesystem, limited by the process permissions. This is due to the lack of validation in the CreateNewDAG handler and the behavior of the generateFilePath function, which incorrectly resolves paths containing separators. Exploitation involves crafting a malicious DAG name, such as ../../tmp/pwned, to write files outside the intended DAGs directory. Because Dagu executes DAG files as shell commands, this can lead to remote code execution by overwriting configuration files or writing malicious DAGs to other instances. The vulnerable code is located in internal/service/frontend/api/v1/dags.go (lines 120-170) and internal/persis/filedag/store.go (lines 213 and 493-498). A proof-of-concept (PoC) demonstrates writing a file to /tmp/path-traversal-proof.yaml using a crafted request to the CreateNewDAG API endpoint.

Recommendations

Dagu versions prior to 1.16.7 should be updated.
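
The description attributes the flaw to a missing name check combined with path resolution that honours separators. The following is an added example, not Dagu's code or its actual patch, showing one way to enforce both checks in Go; the function names, the name allow-list and the base directory are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// Hypothetical allow-list: letters, digits, '.', '_' and '-'. No path separators.
var dagNameRe = regexp.MustCompile(`^[A-Za-z0-9_.-]{1,64}$`)

// ErrInvalidName is returned for any name that could redirect the write.
var ErrInvalidName = errors.New("invalid DAG name")

// ValidateDAGName is the handler-side check: reject before touching storage.
func ValidateDAGName(name string) error {
	if !dagNameRe.MatchString(name) || name == "." || name == ".." {
		return ErrInvalidName
	}
	return nil
}

// SafeDAGPath is the storage-side check: build <baseDir>/<name>.yaml, then
// confirm the resolved path is still inside baseDir (defence in depth in
// case a caller skips or weakens the name validation).
func SafeDAGPath(baseDir, name string) (string, error) {
	if err := ValidateDAGName(name); err != nil {
		return "", err
	}
	base, err := filepath.Abs(baseDir)
	if err != nil {
		return "", err
	}
	full := filepath.Join(base, name+".yaml")
	rel, err := filepath.Rel(base, full)
	if err != nil || rel == ".." || filepath.IsAbs(rel) ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrInvalidName
	}
	return full, nil
}

func main() {
	// Constructed base directory and inputs; "../../tmp/pwned" is the name quoted in the advisory.
	for _, n := range []string{"nightly-backup", "../../tmp/pwned", "/tmp/path-traversal-proof", ".."} {
		p, err := SafeDAGPath("/var/lib/dagu/dags", n)
		fmt.Printf("%q -> %q, err=%v\n", n, p, err)
	}
}
```

Checking at both layers means a second caller of the storage function cannot reintroduce the traversal by omitting the handler check.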

Exploit

Fix

RCE

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-27598
GHSA-6V48-FCQ6-FF23
GO-2026-4542
SUSE-SU-2026:0757-1

Affected Products

Dagu