CVE-2025-48957

7.5 HIGH

📋 TL;DR

A path traversal vulnerability in the AstrBot dashboard, present in versions 3.4.4 through 3.5.12, lets an unauthenticated attacker read files outside the directory the dashboard is meant to serve, including configuration files that hold LLM provider API keys and passwords. Every deployment running a vulnerable version with the dashboard enabled (the default) is affected. The vulnerability is fixed in version 3.5.13.

💻 Affected Systems

Products:
  • AstrBot
Versions: 3.4.4 through 3.5.12
Operating Systems: All platforms running AstrBot
Default Config Vulnerable: ⚠️ Yes
Notes: The dashboard feature must be enabled (default configuration) for the vulnerability to be exploitable.

📦 What is this software?

AstrBot is an LLM chatbot and development framework that connects to external LLM providers and ships a web dashboard, enabled by default, for configuring and managing the bot.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of LLM provider API keys, account credentials, and other sensitive configuration data leading to unauthorized access to external services and data exfiltration.

🟠

Likely Case

Information disclosure of API keys and passwords stored in configuration files, potentially enabling unauthorized use of paid LLM services or account takeover.

🟢

If Mitigated

Limited impact if the dashboard is reachable only from trusted networks and traversal attempts in its access log are alerted on. Note that the configuration file holding the API keys is one the AstrBot process must be able to read, so host-level file permissions alone do not close the exposure.

🌐 Internet-Facing: HIGH - If the AstrBot dashboard is exposed to the internet, attackers can exploit this remotely without authentication and read the configuration files that hold credentials.
🏢 Internal Only: MEDIUM - An attacker on the internal network, or a compromised internal host, can read the same files and use the recovered API keys and passwords to reach the services they unlock.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability is exploitable without authentication through the dashboard interface. No public exploit code has been identified at the time of writing, but the request pattern is simple enough that the absence of a PoC should not be relied on.
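To make the vulnerability class concrete, the following is an added illustration and not AstrBot's code: this page does not describe the actual vulnerable endpoint, so the handler, the directory layout and the file contents below are constructed. It shows how a naive file-serving handler escapes its static root and how a contained resolution (decode, normalise, canonicalise, then check the result is still under the root) refuses the same probes.

```python
import os
import tempfile
from pathlib import Path
from typing import Optional, Tuple
from urllib.parse import unquote


def resolve_unsafe(root: Path, requested: str) -> Path:
    """The bug pattern: join the client-supplied path straight onto the static root.
    A '..' segment, or an absolute path, walks out of the root unchallenged."""
    return Path(os.path.join(root, requested))


def resolve_safe(root: Path, requested: str) -> Optional[Path]:
    """Decode, normalise, join, canonicalise, then require the result to stay under
    root. Returns None for anything that escapes, including a symlink inside root
    that points outside it, because resolve() follows symlinks before the check."""
    root = root.resolve()
    # Decode twice so a double-encoded %252e%252e does not slip past a proxy that decodes once.
    decoded = unquote(unquote(requested))
    # Fold backslashes and drop leading separators so the join cannot treat the input as absolute.
    relative = decoded.replace("\\", "/").lstrip("/")
    candidate = (root / relative).resolve()
    try:
        candidate.relative_to(root)
    except ValueError:
        return None
    return candidate


def contained(root: Path, path: Optional[Path]) -> bool:
    """True when path is a real location under root."""
    if path is None:
        return False
    try:
        path.resolve().relative_to(root.resolve())
        return True
    except ValueError:
        return False


def build_fixture() -> Tuple[Path, Path]:
    """Constructed layout, not a real install: <tmp>/static is the served root and
    <tmp>/cmd_config.json sits one level above it, like a config file beside a web root."""
    tmp = Path(tempfile.mkdtemp())
    static = tmp / "static"
    static.mkdir()
    (static / "index.html").write_text("<html>ok</html>")
    secret = tmp / "cmd_config.json"
    secret.write_text('{"provider_api_key": "sk-constructed-example"}')
    return static, secret


def demo() -> dict:
    static, secret = build_fixture()
    # Typical probe shapes: plain, percent-encoded, double-encoded, backslash.
    probes = ["../cmd_config.json", "%2e%2e/cmd_config.json",
              "%252e%252e%252fcmd_config.json", "..\\cmd_config.json"]
    return {
        # A web framework has already decoded the URL once by the time a handler sees '../'.
        "unsafe_serves_secret": resolve_unsafe(static, probes[0]).read_text() == secret.read_text(),
        "safe_rejects_all_probes": all(resolve_safe(static, p) is None for p in probes),
        # An absolute path is re-rooted under static rather than honoured.
        "safe_rebases_absolute": contained(static, resolve_safe(static, str(secret)))
                                 and resolve_safe(static, str(secret)) != secret.resolve(),
        "safe_serves_legitimate": resolve_safe(static, "index.html") == (static / "index.html").resolve(),
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The containment check is done on the canonicalised path, after decoding, which is what defeats the encoded and `....//`-style variants; rejecting the literal string `../` before decoding does not.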

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.5.13

Vendor Advisory: https://github.com/AstrBotDevs/AstrBot/security/advisories/GHSA-cq37-g2qp-3c2p

Restart Required: Yes

Instructions:

1. Back up your AstrBot configuration (cmd_config.json) and data, so credentials and settings can be restored if the upgrade fails.
2. Stop the AstrBot service.
3. Upgrade to version 3.5.13 or later by the same method you installed it with (the tagged release from the official repository, or the updated container image).
4. Restart the AstrBot service.
5. Confirm the running version reports 3.5.13 or later and that the dashboard still starts.

🔧 Temporary Workarounds

Disable Dashboard Feature

Platforms: all

Temporarily disable the dashboard component, which hosts the vulnerable endpoint, by editing the configuration.

Edit cmd_config.json and set the dashboard enable setting to false, then restart AstrBot so the change takes effect. This removes the web management UI until you re-enable it after patching.

🧯 If You Can't Patch

  • Restrict network access to the dashboard port to trusted IP addresses (host firewall, reverse-proxy allow-list, or VPN); do not expose it to the internet.
  • Watch the dashboard's HTTP access log for traversal sequences (../ and its URL-encoded forms); host file-access auditing adds little signal here, because the AstrBot process legitimately reads its own configuration files.
  • Treat any traversal request that received a 2xx response as a credential leak: rotate the LLM provider API keys and dashboard passwords stored in the configuration.

🔍 How to Verify

Check if Vulnerable:

Check whether the running AstrBot version is between 3.4.4 and 3.5.12 inclusive and whether the dashboard is enabled in cmd_config.json (it is in the default configuration).

Check Version:

Check the AstrBot version in its dashboard or release metadata; the exact command depends on how it was installed (source checkout, package, or container image).

Verify Fix Applied:

Confirm the running version is 3.5.13 or later, then, against a copy you are authorised to test, send a dashboard request whose path contains a ../ sequence (and its %2e%2e-encoded form) aimed at cmd_config.json, and confirm the response is an error rather than the file's contents.
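As an added example (not part of the original page or of AstrBot), a small Python check that applies the version range and dashboard condition above. It compares versions as integer tuples rather than strings, because a string comparison would order 3.5.9 after 3.5.12 and misjudge the range. The `dashboard.enable` key name in cmd_config.json is an assumption; adjust it to your file.

```python
import json
import re
from typing import Tuple

VULNERABLE_MIN = (3, 4, 4)
VULNERABLE_MAX = (3, 5, 12)
FIXED = (3, 5, 13)


def parse_version(text: str) -> Tuple[int, int, int]:
    """Accept 'v3.5.12', '3.5.12', '3.5.13-rc1' and return (major, minor, patch)."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def dashboard_enabled(config: dict) -> bool:
    """Assumption: cmd_config.json carries a 'dashboard' object with an 'enable'
    boolean. A missing key counts as enabled, because the dashboard is on in the
    default configuration."""
    return bool(config.get("dashboard", {}).get("enable", True))


def assess(version: str, config: dict) -> dict:
    """Combine the version range with the dashboard state into one verdict."""
    v = parse_version(version)
    in_range = VULNERABLE_MIN <= v <= VULNERABLE_MAX
    enabled = dashboard_enabled(config)
    if in_range and enabled:
        action = "exploitable: upgrade to 3.5.13 or later, or disable the dashboard now"
    elif in_range:
        action = "vulnerable code present but dashboard disabled: upgrade before re-enabling it"
    elif v < VULNERABLE_MIN:
        action = "version predates the affected range; upgrade anyway"
    else:
        action = "patched"
    return {
        "version": v,
        "in_vulnerable_range": in_range,
        "dashboard_enabled": enabled,
        "exploitable": in_range and enabled,
        "action": action,
    }


# Constructed fragment of a cmd_config.json, not a real deployment's file.
SAMPLE_CONFIG = json.loads('{"dashboard": {"enable": true}}')


if __name__ == "__main__":
    for ver in ("3.4.3", "3.5.9", "3.5.12", "3.5.13"):
        print(ver, assess(ver, SAMPLE_CONFIG)["action"])
```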

📡 Detection & Monitoring

Log Indicators:

  • Requests to dashboard endpoints whose decoded path contains a .. segment (../, %2e%2e/, %252e%252e/, ..\)
  • A 2xx response to such a request, which indicates the file was served, as opposed to a 4xx, which indicates it was blocked

Network Indicators:

  • HTTP requests to dashboard endpoints with path traversal patterns (../ sequences, including their URL-encoded and double-encoded forms), often repeated from one source against several target file names

SIEM Query:

Search web requests to AstrBot dashboard endpoints for '..' path segments after URL-decoding the request (cover %2e%2e and %252e%252e as well as the literal form), group by source address, and flag any that returned a 2xx status. Host file-access events from the AstrBot process are a weak signal on their own, because the process reads its own configuration in normal operation.
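As an added example (not from the original page), the query logic above as a small Python detector run over constructed access-log lines. It percent-decodes each request target until stable before matching, so the encoded and double-encoded variants listed under Network Indicators are caught, ignores a harmless '..' inside a file name, and reports whether the server answered 2xx. The log lines are in Common Log Format as a reverse proxy in front of the dashboard might write them; the /dashboard/static/ prefix is a placeholder, not a real AstrBot route.

```python
import re
from collections import Counter
from typing import Dict, List, Tuple
from urllib.parse import unquote

# Constructed sample log, not captured from a real system. Lines 3-6 are traversal probes;
# line 1 has '..' inside a file name and must not be flagged.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jun/2025:10:00:01 +0000] "GET /dashboard/static/assets/logo..png HTTP/1.1" 200 4120
192.0.2.10 - - [01/Jun/2025:10:00:02 +0000] "GET /dashboard/static/index.html HTTP/1.1" 200 812
198.51.100.23 - - [01/Jun/2025:10:05:10 +0000] "GET /dashboard/static/../../cmd_config.json HTTP/1.1" 200 2048
198.51.100.23 - - [01/Jun/2025:10:05:11 +0000] "GET /dashboard/static/%2e%2e/%2e%2e/cmd_config.json HTTP/1.1" 200 2048
198.51.100.23 - - [01/Jun/2025:10:05:12 +0000] "GET /dashboard/static/%252e%252e%252f%252e%252e%252fcmd_config.json HTTP/1.1" 404 153
203.0.113.7 - - [01/Jun/2025:11:30:45 +0000] "GET /dashboard/static/....//....//cmd_config.json HTTP/1.1" 403 97
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)
# A '..' followed by a separator, a path-parameter ';', or end of string. Plain '..'
# inside a name such as 'logo..png' does not match; '....//' does, via its inner '../'.
TRAVERSAL_RE = re.compile(r"\.\.(?:[/\\;]|$)")


def deep_decode(target: str, rounds: int = 3) -> str:
    """Percent-decode until stable (bounded), then fold backslashes to slashes so
    double-encoded and Windows-style variants collapse to the same form."""
    for _ in range(rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target.replace("\\", "/")


def scan(log_text: str, path_prefix: str = "/dashboard/") -> List[Dict]:
    """Return one finding per request under path_prefix whose decoded target traverses."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        decoded = deep_decode(m["target"])
        if not decoded.startswith(path_prefix) or not TRAVERSAL_RE.search(decoded):
            continue
        status = int(m["status"])
        findings.append({
            "ip": m["ip"], "time": m["ts"], "raw": m["target"], "decoded": decoded,
            "status": status,
            # A 2xx on a traversal request means the server most likely handed the file over.
            "served": 200 <= status < 300,
        })
    return findings


def top_sources(findings: List[Dict]) -> List[Tuple[str, int]]:
    """Source addresses ranked by number of traversal requests, for triage."""
    return Counter(f["ip"] for f in findings).most_common()


if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for h in hits:
        flag = "SERVED" if h["served"] else "blocked"
        print(f'{h["time"]} {h["ip"]} {h["status"]} {flag} {h["decoded"]}')
    print("sources:", top_sources(hits))
```

On the sample, four requests are flagged and two of them were served, which is the case to escalate: a 4xx tells you someone probed, a 2xx tells you what they got.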
