CVE-2024-10835
Published: 20 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2024-10835 is a critical vulnerability in eosphoros-ai/db-gpt version v0.6.0, where the web API endpoint POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries without any access control. This flaw, classified under CWE-89 (SQL Injection), enables attackers to exploit DuckDB SQL functionality for arbitrary file writes to the victim's file system, potentially escalating to remote code execution (RCE). The issue carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), highlighting its severe impact.
Unauthenticated remote attackers can exploit this vulnerability by sending crafted requests to the affected API endpoint. Exploitation requires no privileges and no user interaction, and the attack complexity is low. Successful exploitation grants the ability to write arbitrary files anywhere on the file system via DuckDB's SQL capabilities, which can overwrite critical files or configurations, leading to full system compromise through RCE.
Mitigation details and additional technical information are available in the advisory published on Huntr at https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9. The vulnerability was publicly disclosed on 2025-03-20.
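A log-triage check for the endpoint named above, as an added example that is not part of the advisory or the DB-GPT project: it scans reverse-proxy access logs for POSTs to /api/v1/editor/sql/run from untrusted sources and separates requests that were served from those a front-end control refused. The Combined Log Format, the trusted-address set and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Endpoint named in the CVE-2024-10835 summary.
VULN_PATH = "/api/v1/editor/sql/run"

# Assumption: the front-end proxy writes Combined Log Format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalise(target):
    """Strip query/fragment, percent-decode, collapse '//' and drop a trailing '/'.
    Errs toward over-matching, which is acceptable for triage."""
    path = unquote(re.split(r"[?#]", target, maxsplit=1)[0])
    return re.sub(r"/{2,}", "/", path).rstrip("/")

def triage(lines, trusted=frozenset()):
    """Return {ip: {"served": n, "refused": n}} for untrusted POSTs to VULN_PATH."""
    hits = defaultdict(lambda: {"served": 0, "refused": 0})
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if normalise(m["target"]) != VULN_PATH or m["ip"] in trusted:
            continue
        # 401/403: a front-end control refused it. Any other status means the
        # request reached the application and needs follow-up.
        bucket = "refused" if m["status"] in ("401", "403") else "served"
        hits[m["ip"]][bucket] += 1
    return dict(hits)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.23 - - [21/Mar/2025:10:02:11 +0000] "POST /api/v1/editor/sql/run HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    '198.51.100.23 - - [21/Mar/2025:10:02:15 +0000] "POST /api/v1/editor/sql/run?x=1 HTTP/1.1" 200 498 "-" "curl/8.5.0"',
    '203.0.113.7 - - [21/Mar/2025:10:05:40 +0000] "POST /api/v1/editor/sql/run/ HTTP/1.1" 403 153 "-" "python-requests/2.31"',
    '10.0.0.5 - - [21/Mar/2025:10:06:02 +0000] "POST /api/v1/editor/sql/run HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [21/Mar/2025:10:07:00 +0000] "GET /api/v1/editor/sql/run HTTP/1.1" 405 31 "-" "curl/8.5.0"',
    '192.0.2.44 - - [21/Mar/2025:10:08:00 +0000] "POST /api/v1/example HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, counts in triage(SAMPLE_LOG, trusted={"10.0.0.5"}).items():
        print(ip, counts)
```

Any address with a non-zero "served" count sent a request that reached the application, so the host's file system should be reviewed for unexpected writes in that time window.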
Details
- CWE(s)
Affected Products
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- MITRE ATLAS Techniques: None mapped
- Classification Reason: DB-GPT (eosphoros-ai/db-gpt) is an open-source AI-native data app builder that integrates LLMs with databases for natural language interactions, which fits the Enterprise AI Assistants category. The vulnerability in the web API for SQL execution aligns with AI platform deployment.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability in the public-facing web API allows unauthenticated arbitrary SQL query execution via POST /api/v1/editor/sql/run, enabling arbitrary file writes with DuckDB and potential RCE, directly mapping to exploitation of a public-facing application.