CVE-2024-7957: Arbitrary File Overwrite in danswer-ai/danswer

9.1 CVSS

Description

An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the load_credentials method, where user-controlled input for realm_name and zuliprc_content is used to construct file paths and write file contents. This allows attackers to overwrite or create arbitrary files if a zuliprc- directory already exists in the temporary directory.

Classification

CVE ID: CVE-2024-7957

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.1

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Problem Types

CWE-29 Path Traversal: '\..\filename'

Affected Products

Vendor: danswer-ai

Product: danswer-ai/danswer

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 18.93% (scored less or equal to compared to others)

EPSS Date: 2025-04-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-7957
https://huntr.com/bounties/21e9b909-036c-4544-ad35-6a5117836275

Timeline

2025-03-20 11:40:34 UTC
CVE

Arbitrary File Overwrite in danswer-ai/danswer