CVE-2024-47170

4.3 MEDIUM

📋 TL;DR

CVE-2024-47170 is a path traversal vulnerability in Agnai that allows attackers to read arbitrary JSON files on the server when JSON_STORAGE is enabled. This can expose sensitive configuration files and other confidential data. Only self-hosted installations with JSON_STORAGE enabled are affected.

💻 Affected Systems

Products:
  • Agnaistic Agnai
Versions: All versions prior to 1.0.330
Operating Systems: All
Default Config Vulnerable: ✅ No
Notes: Only affects installations with JSON_STORAGE enabled, which is intended for local/self-hosting configurations only.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete exposure of all JSON files on the server, including configuration files with secrets, database credentials, API keys, and user data.

🟠

Likely Case

Exposure of configuration files containing sensitive application settings, potentially leading to further system compromise.

🟢

If Mitigated

No impact if JSON_STORAGE is disabled or proper access controls prevent file system traversal.

🌐 Internet-Facing: MEDIUM - Although this only affects specific configurations, exposed instances could be scanned and exploited.
🏢 Internal Only: LOW - Requires JSON_STORAGE enabled, which is intended for local/self-hosting only.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal vulnerabilities typically require minimal technical skill to exploit once the vulnerability is understood.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.330

Vendor Advisory: https://github.com/agnaistic/agnai/security/advisories/GHSA-h355-hm5h-cm8h

Restart Required: Yes

Instructions:

1. Back up your current Agnai installation and data.
2. Update to version 1.0.330 or later using your package manager or by downloading from the official repository.
3. Restart the Agnai service.
4. Verify the update was successful.

🔧 Temporary Workarounds

Disable JSON_STORAGE

all

Disable the JSON_STORAGE feature if not required for your deployment.

Modify Agnai configuration to set JSON_STORAGE=false or remove related configuration

Restrict File System Access

linux

Implement file system permissions to restrict Agnai's access to only necessary directories.

chmod -R 750 /path/to/agnai/data
chown -R agnai:agnai /path/to/agnai/data

🧯 If You Can't Patch

  • Disable JSON_STORAGE feature in configuration immediately
  • Implement network segmentation and firewall rules to restrict access to Agnai instances

🔍 How to Verify

Check if Vulnerable:

Check Agnai version and verify JSON_STORAGE is enabled in configuration. Versions below 1.0.330 with JSON_STORAGE=true are vulnerable.

Check Version:

Check package.json or application metadata for the version number, or run: node -e "console.log(require('./package.json').version)" from the Agnai directory

Verify Fix Applied:

Confirm the Agnai version is 1.0.330 or later and test that path traversal attempts return proper error responses.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file path access patterns in application logs
  • Multiple failed attempts to access non-standard JSON file paths

Network Indicators:

  • HTTP requests containing path traversal sequences (../, ..\) to JSON endpoints

SIEM Query:

source="agnai_logs" AND (uri="*../*" OR uri="*..\*") AND uri="*.json"
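
The query above matches only literal ../ and ..\ sequences. The following added example (not part of the advisory or of Agnai's code) applies the same indicator to access-log lines after percent-decoding the URI, so encoded and double-encoded forms are flagged as well. The log format, function names and request paths are assumptions made for illustration.

```javascript
// Added example; the log format and every sample path are constructed.
const REQUEST_RE = /"(?:GET|POST|PUT|PATCH|DELETE|HEAD) (\S+) HTTP\/[\d.]+"/;

// Percent-decode repeatedly so double-encoded input (%252e%252e) is normalised too.
function fullyDecode(uri, maxRounds = 3) {
  let current = uri;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(current);
    } catch {
      break; // malformed escape sequence: keep the last good form
    }
    if (next === current) break;
    current = next;
  }
  return current;
}

// True when the decoded URI has a ".." segment and names a .json file.
function isTraversalToJson(uri) {
  const decoded = fullyDecode(uri).replace(/\\/g, "/");
  const hasDotDot = decoded.split(/[\/?&=#]/).includes("..");
  const namesJson = /\.json(?:$|[?&#])/i.test(decoded);
  return hasDotDot && namesJson;
}

// Returns [{ lineNo, uri }] for every log line that matches the indicator.
function flagTraversal(logLines) {
  const hits = [];
  logLines.forEach((line, idx) => {
    const m = REQUEST_RE.exec(line);
    if (m && isTraversalToJson(m[1])) hits.push({ lineNo: idx + 1, uri: m[1] });
  });
  return hits;
}

// Constructed access-log lines (documentation IP range, hypothetical paths).
const SAMPLE_LOG = [
  '203.0.113.7 - - [01/Oct/2024:10:00:00 +0000] "GET /api/example/settings.json HTTP/1.1" 200 512',
  '203.0.113.9 - - [01/Oct/2024:10:00:05 +0000] "GET /api/example/../../config.json HTTP/1.1" 200 1024',
  '203.0.113.9 - - [01/Oct/2024:10:00:06 +0000] "GET /api/example/%2e%2e%2fconfig.json HTTP/1.1" 200 1024',
  '203.0.113.9 - - [01/Oct/2024:10:00:07 +0000] "GET /api/example/%252e%252e%255cconfig.json HTTP/1.1" 404 0',
  '203.0.113.7 - - [01/Oct/2024:10:00:09 +0000] "GET /docs/v1..2/notes.json HTTP/1.1" 200 300',
  '203.0.113.7 - - [01/Oct/2024:10:00:11 +0000] "GET /api/example/../index.html HTTP/1.1" 200 900',
];

console.log(flagTraversal(SAMPLE_LOG));
```

Lines 2 to 4 of the sample are flagged; a name such as v1..2 is not, because only a whole ".." segment counts.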
