CVE-2025-6772 | eosphoros-ai db-gpt up to 0.7.2 import import_flow File path traversal (Issue 2774)

June 27, 2025 Yanac

A vulnerability was found in eosphoros-ai db-gpt up to 0.7.2. It has been classified as critical. Affected is the function import_flow of the file /api/v2/serve/awel/flow/import. The manipulation of the argument File leads to path traversal.

This vulnerability is traded as CVE-2025-6772. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More