GHSA-w2k9-m5g4-xr86.json
{
  "schema_version": "1.4.0",
  "id": "GHSA-w2k9-m5g4-xr86",
  "modified": "2026-04-20T00:00:00Z",
  "published": "2026-04-20T00:00:00Z",
  "aliases": [],
  "summary": "hexstrike-ai: Path Traversal in /api/files/* endpoints allows arbitrary file read/write/delete",
  "details": "hexstrike-ai contains a path traversal vulnerability in its file management API endpoints (hexstrike_server.py). The /api/files/create, /api/files/modify, /api/files/delete, and /api/files/list endpoints accept file paths from user input without any path normalization, sanitization, or directory confinement checks.\n\nNo authentication is required. An attacker can read, write, modify, or delete arbitrary files on the server filesystem (subject to the process user's permissions).\n\nExample exploitation:\n\n```\ncurl -X POST http://<host>:5000/api/files/create -H \"Content-Type: application/json\" -d '{\"path\": \"../../../../tmp/malicious.txt\", \"content\": \"pwned\"}'\n\ncurl -X POST http://<host>:5000/api/files/list -H \"Content-Type: application/json\" -d '{\"path\": \"../../../../etc/\"}'\n```\n\nRoot cause: No path normalization or directory confinement on user-supplied file paths (CWE-22, CWE-306).",
  "severity": [
    {
      "type": "CVSS_V3",
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "hexstrike-ai"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/0x4m4/hexstrike-ai"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-306"
    ],
    "severity": "CRITICAL",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": null
  }
}