Coordinated Disclosure Timeline
- 2023-11-28: Sent the report via GitHub Private Vulnerability Reporting (PVR).
- 2023-12-27: Sent a follow up message.
- 2024-01-04: Created an issue in the repository asking for a contact.
- 2024-01-16: The PVR report is accepted.
- 2024-02-12: Sent a reminder about the deadline for fixing the issue.
- 2024-02-27: Reminder about the deadline.
- 2024-03-02: Maintainer answered they are working on a fix.
- 2024-04-08: Wrote a message via PVR informing that GitHub Security Lab will be requesting a CVE for this vulnerability.
- 2024-04-08: Fix is created and a new version with a fix is released. CVE-2024-31451 is assigned.
- 2024-08-12: Advisory is published.
Summary
DocsGPT is vulnerable to unauthenticated limited file write.
Project
DocsGPT
Tested Version
Details
limited file write in routes.py (GHSL-2023-250)
The check_docs endpoint concatenates user-controlled POST data (the docs field) with a URL, which allows traversing the URL path and changing the repository the files are downloaded from. The downloaded files are then written to the server's filesystem by the two open() calls shown below (lines 214 and 219 of routes.py).
import os

import requests
from flask import request  # Flask request object the handler reads its JSON body from


def check_docs():
    # check if docs exist in a vectorstore folder
    data = request.get_json()
    # split docs on / and take first part
    if data["docs"].split("/")[0] == "local":
        return {"status": "exists"}
    # user-controlled value is concatenated straight into a local path ...
    vectorstore = "vectors/" + data["docs"]
    base_path = "https://raw.githubusercontent.com/arc53/DocsHUB/main/"
    if os.path.exists(vectorstore) or data["docs"] == "default":
        return {"status": "exists"}
    else:
        # ... and into the download URL, so the repository can be changed
        r = requests.get(base_path + vectorstore + "index.faiss")
        if r.status_code != 200:
            return {"status": "null"}
        else:
            if not os.path.exists(vectorstore):
                os.makedirs(vectorstore)
            # response body is written under the user-controlled directory
            with open(vectorstore + "index.faiss", "wb") as f:
                f.write(r.content)
            # download the store
            r = requests.get(base_path + vectorstore + "index.pkl")
            with open(vectorstore + "index.pkl", "wb") as f:
                f.write(r.content)
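The following is an added example, not code from DocsGPT or from the advisory: a hardened counterpart of the handler above. The original's only input check (whether the first path component equals "local") does not validate the value as a path, so the example allowlists each path segment, resolves the local write directory and confirms it stays under the vectors directory, and verifies that the resolved download URL still points under the expected repository base. The HTTP fetch is injected as a callable so the example runs offline; the "invalid" and "loaded" status values, the VECTORS_DIR constant and the run_demo helper are assumptions for this example.

```python
import os
import re
import tempfile
from urllib.parse import urljoin

# Assumed constants for this example (base URL taken from the vulnerable handler).
BASE_URL = "https://raw.githubusercontent.com/arc53/DocsHUB/main/"
VECTORS_DIR = "vectors"

# Allowed form of a single path segment: must start with a letter or digit,
# so "." and ".." (and percent-encoded variants) can never match.
_SEGMENT = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*$")


def validate_docs_name(docs) -> str:
    """Return the normalised docs identifier or raise ValueError."""
    if not isinstance(docs, str) or not docs:
        raise ValueError("docs must be a non-empty string")
    parts = docs.strip("/").split("/")
    for part in parts:
        if part in (".", "..") or not _SEGMENT.match(part):
            raise ValueError(f"invalid path segment: {part!r}")
    return "/".join(parts)


def local_store_path(docs: str, vectors_dir: str = VECTORS_DIR) -> str:
    """Directory the files will be written to, checked to lie inside vectors_dir."""
    name = validate_docs_name(docs)
    root = os.path.realpath(vectors_dir)
    target = os.path.realpath(os.path.join(root, name))
    # Defence in depth: even after the allowlist, refuse anything outside root.
    if os.path.commonpath([root, target]) != root:
        raise ValueError("path escapes the vectors directory")
    return target


def remote_file_url(docs: str, filename: str, base_url: str = BASE_URL) -> str:
    """Build the download URL and confirm it resolves under base_url."""
    name = validate_docs_name(docs)
    url = urljoin(base_url, f"{VECTORS_DIR}/{name}/{filename}")
    if not url.startswith(base_url):
        raise ValueError("resolved URL escapes the expected repository")
    return url


def is_safe_docs(docs) -> bool:
    """True if the value passes both the allowlist and the containment check."""
    try:
        local_store_path(docs)
        return True
    except ValueError:
        return False


def check_docs_hardened(data: dict, fetch, vectors_dir: str = VECTORS_DIR) -> dict:
    """Hardened handler. fetch(url) returns the body as bytes, or None on non-200."""
    docs = data.get("docs")
    if docs == "default":
        return {"status": "exists"}
    try:
        name = validate_docs_name(docs)
        store = local_store_path(name, vectors_dir)
    except ValueError:
        return {"status": "invalid"}  # reject instead of touching the filesystem
    if name.split("/")[0] == "local" or os.path.exists(store):
        return {"status": "exists"}
    index = fetch(remote_file_url(name, "index.faiss"))
    pkl = fetch(remote_file_url(name, "index.pkl")) if index is not None else None
    if index is None or pkl is None:
        return {"status": "null"}
    os.makedirs(store, exist_ok=True)
    with open(os.path.join(store, "index.faiss"), "wb") as f:
        f.write(index)
    with open(os.path.join(store, "index.pkl"), "wb") as f:
        f.write(pkl)
    return {"status": "loaded"}


def run_demo() -> dict:
    """Exercise the hardened handler against a constructed fake repository."""
    vectors_dir = tempfile.mkdtemp()
    fake_repo = {  # constructed stand-in for the remote repository
        remote_file_url("owner/repo/main", "index.faiss"): b"faiss-bytes",
        remote_file_url("owner/repo/main", "index.pkl"): b"pkl-bytes",
    }
    results = {
        "first": check_docs_hardened({"docs": "owner/repo/main"}, fake_repo.get, vectors_dir),
        "again": check_docs_hardened({"docs": "owner/repo/main"}, fake_repo.get, vectors_dir),
        "traversal": check_docs_hardened({"docs": "../../etc"}, fake_repo.get, vectors_dir),
        "missing": check_docs_hardened({"docs": "nothere/x"}, fake_repo.get, vectors_dir),
    }
    results["written"] = os.path.exists(os.path.join(vectors_dir, "owner", "repo", "main", "index.faiss"))
    return results


if __name__ == "__main__":
    print(run_demo())
```

The allowlist is the primary control; the realpath containment check and the URL prefix check are independent fallbacks, so a mistake in one layer (for example a later relaxation of the regex) does not by itself reopen the write outside the vectors directory.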
The vulnerability was found with the help of CodeQL.
Impact
This issue may lead to limited file write.
CVE
- CVE-2024-31451
Credit
This issue was discovered and reported by GHSL team member @sylwia-budzynska (Sylwia Budzynska).
Contact
You can contact the GHSL team at securitylab@github.com, please include a reference to GHSL-2023-250 in any communication regarding this issue.