Coordinated Disclosure Timeline

Summary

DocsGPT is vulnerable to unauthenticated limited file write.

Project

DocsGPT

Tested Version

v0.5.0

Details

limited file write in routes.py (GHSL-2023-250)

The check_docs endpoint concatenates user-controlled POST data with a URL, which allows for traversing the URL and changing the repository the files are downloaded from. The files are then saved on the server on lines as shown on line 214 and 219.

def check_docs():
    # check if docs exist in a vectorstore folder
    data = request.get_json()
    # split docs on / and take first part
    if data["docs"].split("/")[0] == "local":
        return {"status": "exists"}
    vectorstore = "vectors/" + data["docs"]
    base_path = "https://raw.githubusercontent.com/arc53/DocsHUB/main/"
    if os.path.exists(vectorstore) or data["docs"] == "default":
        return {"status": "exists"}
    else:
        r = requests.get(base_path + vectorstore + "index.faiss")

        if r.status_code != 200:
            return {"status": "null"}
        else:
            if not os.path.exists(vectorstore):
                os.makedirs(vectorstore)
            with open(vectorstore + "index.faiss", "wb") as f:
                f.write(r.content)

            # download the store
            r = requests.get(base_path + vectorstore + "index.pkl")
            with open(vectorstore + "index.pkl", "wb") as f:
                f.write(r.content)

The vulnerability was found with the help of CodeQL.

Impact

This issue may lead to limited file write.

CVE

Credit

This issue was discovered and reported by GHSL team member @sylwia-budzynska (Sylwia Budzynska).

Contact

You can contact the GHSL team at securitylab@github.com, please include a reference to GHSL-2023-250 in any communication regarding this issue.