CVE-2025-6167
📋 TL;DR
A critical path traversal vulnerability in python-a2a's create_workflow function allows attackers to access files outside intended directories. This affects all users of python-a2a versions up to 0.5.5 who expose the vulnerable API endpoint.
💻 Affected Systems
- python-a2a
📦 What is this software?
Python A2a by Themanojdesai
⚠️ Risk & Real-World Impact
Worst Case
Attackers could read sensitive system files, potentially exposing credentials, configuration data, or other confidential information, leading to complete system compromise.
Likely Case
Unauthorized file access leading to information disclosure of application files or limited system files accessible to the application's user context.
If Mitigated
With proper input validation and file access controls, impact is limited to attempted attacks being blocked with appropriate logging.
🎯 Exploit Status
Path traversal vulnerabilities typically have low exploitation complexity, especially when unauthenticated access is possible.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.5.6
Vendor Advisory: https://github.com/themanojdesai/python-a2a/releases/tag/v0.5.6
Restart Required: Yes
Instructions:
1. Backup current configuration and data
2. Stop the python-a2a service
3. Upgrade to version 0.5.6 using pip: pip install python-a2a==0.5.6
4. Restart the python-a2a service
5. Verify the upgrade was successful
🔧 Temporary Workarounds
Input Validation Filter (applies to all affected systems)
- Implement input validation to reject path traversal sequences in API requests
- Add input validation in the create_workflow function to check for '../' sequences and reject malicious requests
Access Restriction (applies to all affected systems)
- Restrict API endpoint access to trusted networks only
- Configure firewall rules to limit access to python-a2a API endpoints
- Use network segmentation to isolate vulnerable systems
🧯 If You Can't Patch
- Implement strict input validation and sanitization for all file path parameters
- Run python-a2a with minimal privileges and restrict file system access using chroot or containerization
🔍 How to Verify
Check if Vulnerable:
Check the installed python-a2a version: pip show python-a2a | grep Version
Any version up to and including 0.5.5 is affected.
Verify Fix Applied:
Confirm the reported version is 0.5.6 or higher, then confirm that the API endpoint returns a proper error for requests containing path traversal sequences.
📡 Detection & Monitoring
Log Indicators:
- Multiple failed API requests with '../' sequences in parameters
- Unusual file access patterns from API endpoints
Network Indicators:
- HTTP requests containing path traversal sequences to python-a2a API endpoints
SIEM Query:
source="python-a2a" AND ("../" OR "..\\" OR "%2e%2e%2f")
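The SIEM query above matches individual requests; the log indicator that matters is the "multiple failed requests" pattern from one client. The following example, added here and not part of the original advisory, applies the same three patterns (plus a single URL-decode pass) to a handful of constructed log lines and reports clients that exceed a threshold. The log line layout, the TEST-NET client addresses and the function names are all constructed for illustration and are not python-a2a's real log format.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Same indicators as the SIEM query: '../', '..\' and the percent-encoded form.
TRAVERSAL = re.compile(r"\.\./|\.\.\\|%2e%2e%2f", re.IGNORECASE)

# Constructed line layout (assumption): time client method path status details
LOG_LINE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3}) (.*)$")


def is_traversal_attempt(text: str) -> bool:
    """True if the raw or once-decoded request text contains a traversal sequence."""
    return bool(TRAVERSAL.search(text) or TRAVERSAL.search(unquote(text)))


def suspicious_clients(lines, threshold: int = 2) -> dict[str, int]:
    """Count traversal attempts per client and return those at or above threshold."""
    hits: Counter[str] = Counter()
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # unparseable line; a real pipeline would count these separately
        _, client, _, path, _, details = m.groups()
        if is_traversal_attempt(path) or is_traversal_attempt(details):
            hits[client] += 1
    return {client: n for client, n in hits.items() if n >= threshold}


# Constructed sample log lines, not captured traffic.
SAMPLE_LOG = [
    "2025-06-18T10:00:01Z 203.0.113.7 POST /api/workflows 400 path=../../etc/passwd",
    "2025-06-18T10:00:02Z 203.0.113.7 POST /api/workflows 400 path=%2e%2e%2f%2e%2e%2fetc%2fshadow",
    "2025-06-18T10:00:03Z 203.0.113.7 POST /api/workflows 400 path=..\\..\\windows\\win.ini",
    "2025-06-18T10:00:04Z 203.0.113.7 GET /api/workflows 200 path=demo/flow.yaml",
    "2025-06-18T10:00:05Z 198.51.100.22 POST /api/workflows 400 path=../config.yaml",
    "2025-06-18T10:00:06Z 192.0.2.5 GET /api/workflows 200 path=reports/weekly.yaml",
]

if __name__ == "__main__":
    for client, count in suspicious_clients(SAMPLE_LOG).items():
        print(f"{client}: {count} traversal attempts")
```

Keep the per-client threshold low for an endpoint that should never legitimately see a '..' segment; a single hit is already worth a ticket, and the threshold mainly separates a scanner from a one-off typo. Matching the decoded form as well as the raw form is what keeps the '%2e%2e%2f' indicator from being the only encoded variant the rule sees.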
🔗 References
- https://github.com/themanojdesai/python-a2a/issues/40
- https://github.com/themanojdesai/python-a2a/issues/40#issuecomment-2904804388
- https://github.com/themanojdesai/python-a2a/releases/tag/v0.5.6
- https://vuldb.com/?ctiid.312642
- https://vuldb.com/?id.312642
- https://vuldb.com/?submit.593613