Security Advisory

CVE-2024-9439

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-20 10:10:34

Last updated 2025-03-20 18:19:47

Assigner @huntr_ai

State PUBLISHED

Description

SuperAGI is vulnerable to remote code execution in the latest version. The `agent template update` API allows attackers to control certain parameters, which are then fed to the eval function without any sanitization or checks in place. This vulnerability can lead to full system compromise.

← Browse all CVEs View on cve.org ↗