CVE-2024-9415

High CVSS 8.8

Overview

A Path Traversal vulnerability exists in the file upload functionality of transformeroptimus/superagi version 0.0.14. This vulnerability allows an attacker to upload an arbitrary file to the server, potentially leading to remote code execution or overwriting any file on the server.

CWE: CWE-22 Published: 2025-03-20T10:15:48.580

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.8 (HIGH)
Detected tags: path, rce (tag impact: VERY HIGH)

Recommended actions:

Canonicalize path; block `..` traversal; use allowlists.
Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags