CVE-2024-8958
Unrestricted File Write and Read in composiohq/composio
In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker can read and write files anywhere on the server, potentially leading to privilege escalation or remote code execution.
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
composiohq · composiohq/composioWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →