Security Advisory

CVE-2024-8958

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-20 10:11:16

Last updated 2025-03-20 13:12:51

Assigner @huntr_ai

State PUBLISHED

Description

In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker can read and write files anywhere on the server, potentially leading to privilege escalation or remote code execution.

← Browse all CVEs View on cve.org ↗