CVE-2025-48957: 
Python vulnerability analysis and mitigation

A path traversal vulnerability was discovered in AstrBot, a large language model chatbot and development framework, affecting versions 3.4.4 through 3.5.12. The vulnerability (CVE-2025-48957) was discovered on May 29, 2025, and allows unauthorized access to sensitive information through the /api/chat/get_file endpoint (GitHub Advisory).

The vulnerability exists in the /api/chat/get_file endpoint where the code fails to properly sanitize and validate the filename parameter. This allows attackers to use path traversal sequences (such as '../') to access files outside the intended directory. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating it can be exploited remotely without authentication or user interaction (GitHub Advisory).

The vulnerability can lead to unauthorized disclosure of sensitive information, including API keys for LLM providers, account passwords (stored as MD5 hashes), and other sensitive data stored in configuration files. The impact is particularly severe as it allows access to the cmd_config.json file which contains critical system credentials (GitHub Advisory).

The vulnerability has been patched in version 3.5.13 through Pull Request #1676, which implements proper file path validation and requires JWT authentication for the endpoint. As a temporary workaround, users can disable the dashboard feature by editing the cmd_config.json file. However, upgrading to version 3.5.13 or later is strongly recommended for a complete fix (GitHub Advisory).