CVE-2024-9437

7.5 HIGH

📋 TL;DR

SuperAGI v0.0.14 is vulnerable to an unauthenticated Denial of Service attack where attackers can crash the service by sending specially crafted HTTP requests with malformed multipart boundaries. This affects all users of vulnerable SuperAGI instances, requiring no authentication or user interaction.

💻 Affected Systems

Products:
  • SuperAGI
Versions: v0.0.14
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments with the vulnerable version are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service outage making SuperAGI unavailable to all users, potentially disrupting AI workflows and business operations.

🟠 Likely Case

Service becomes unresponsive under attack, requiring manual restart and causing temporary disruption.

🟢 If Mitigated

Minimal impact with proper rate limiting, request validation, and monitoring in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Attack requires sending specially crafted HTTP requests but no authentication or complex exploitation steps.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after v0.0.14

Vendor Advisory: https://huntr.com/bounties/27404e9c-eb3d-4626-a9d9-8dc1b3295ce0

Restart Required: Yes

Instructions:

1. Update SuperAGI to the latest version.
2. Restart the SuperAGI service.
3. Verify the fix by testing with malformed boundary requests.

🔧 Temporary Workarounds

  • Implement request validation (applies to: all): add middleware or WAF rules to validate the multipart boundary format before processing.
  • Rate limiting (applies to: all): implement rate limiting on resource upload endpoints to limit DoS impact.
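As an added illustration of the request-validation workaround (example code, not SuperAGI's own code or the vendor fix), the following Python checks the multipart boundary syntax against RFC 2046 before a request reaches the application, and additionally rejects boundaries that end in a dash, a heuristic assumed here from this advisory's "appended dashes" wording. The ASGI middleware class and the function names are this example's own.

```python
from typing import Optional

# RFC 2046 section 5.1.1: bcharsnospace alphabet; a space is also allowed
# except as the final character, and the length must be 1 to 70.
_BCHARSNOSPACE = frozenset(
    "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'()+_,-./:=?"
)

def extract_boundary(content_type: str) -> Optional[str]:
    """Return the boundary parameter of a Content-Type header, or None if absent."""
    _, _, params = content_type.partition(";")
    for param in params.split(";"):
        name, _, value = param.strip().partition("=")
        if name.strip().lower() == "boundary":
            value = value.strip()
            if len(value) >= 2 and value[0] == value[-1] == '"':
                value = value[1:-1]  # quoted-string form
            return value
    return None

def boundary_is_valid(boundary: str) -> bool:
    """RFC 2046 syntax check, plus a heuristic assumed for this example from the
    advisory's 'appended dashes' wording: reject boundaries that end in '-'."""
    if not 1 <= len(boundary) <= 70 or boundary[-1] in " -":
        return False
    return all(c in _BCHARSNOSPACE or c == " " for c in boundary)

def multipart_boundary_ok(content_type: str) -> bool:
    """True only if the header carries a syntactically acceptable boundary."""
    boundary = extract_boundary(content_type)
    return boundary is not None and boundary_is_valid(boundary)

class BoundaryValidationMiddleware:
    """Hypothetical ASGI middleware: reject malformed multipart boundaries with 400
    before the application's multipart parser ever sees the request."""

    def __init__(self, app):
        self.app = app

    async def __call__(self, scope, receive, send):
        if scope["type"] == "http":
            headers = dict(scope.get("headers", []))
            ctype = headers.get(b"content-type", b"").decode("latin-1")
            if ctype.lower().startswith("multipart/") and not multipart_boundary_ok(ctype):
                await send({"type": "http.response.start", "status": 400,
                            "headers": [(b"content-type", b"text/plain")]})
                await send({"type": "http.response.body",
                            "body": b"malformed multipart boundary"})
                return
        await self.app(scope, receive, send)
```

Wrap the application as `BoundaryValidationMiddleware(app)`; any ASGI server (Starlette/FastAPI included) will then answer malformed multipart requests with 400 without invoking the upload handler.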

🧯 If You Can't Patch

  • Deploy a WAF with rules to block malformed multipart boundaries
  • Restrict access to SuperAGI endpoints to trusted IPs only

🔍 How to Verify

Check if Vulnerable:

Check SuperAGI version via web interface or configuration files for v0.0.14

Check Version:

Check SuperAGI configuration or package manager for installed version

Verify Fix Applied:

Test with crafted HTTP request containing malformed multipart boundary with appended dashes

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed upload requests
  • High CPU/memory usage spikes
  • Service restart logs

Network Indicators:

  • Unusual HTTP requests with malformed boundaries
  • High volume of upload requests from single source

SIEM Query:

source="superagi" AND (http_request contains "multipart/form-data" AND boundary contains "--")

Note that common browser-generated boundaries (for example the WebKit form boundary) themselves contain "--", so this pseudo-query will also match legitimate uploads; narrow it to boundary values ending in dashes (the malformed form described above) and correlate with the volume and resource-usage indicators before alerting.
