CVE-2025-68472
📋 TL;DR
CVE-2025-68472 is an unauthenticated path traversal vulnerability in MindsDB's file upload API that allows attackers to read arbitrary files from the server filesystem and move them into MindsDB's storage. This exposes sensitive data including configuration files, credentials, and other system files. All MindsDB instances prior to version 25.11.1 are affected.
💻 Affected Systems
- MindsDB
📦 What is this software?
MindsDB by MindsDB
⚠️ Risk & Real-World Impact
Worst Case
Complete server compromise through reading sensitive files like SSH keys, database credentials, or configuration secrets, potentially leading to lateral movement and data exfiltration.
Likely Case
Exposure of sensitive MindsDB configuration files, environment variables, and potentially user data stored in accessible directories.
If Mitigated
Limited impact if file permissions are properly configured and sensitive files are stored outside accessible paths.
🎯 Exploit Status
The vulnerability requires no authentication and uses simple path traversal techniques. Exploitation is straightforward for attackers familiar with file upload APIs.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 25.11.1
Vendor Advisory: https://github.com/mindsdb/mindsdb/security/advisories/GHSA-qqhf-pm3j-96g7
Restart Required: Yes
Instructions:
1. Stop the MindsDB service.
2. Update MindsDB to version 25.11.1 or later using your package manager or installation method.
3. Restart the MindsDB service.
4. Verify the update was successful.
🔧 Temporary Workarounds
Disable JSON file uploads
Block or disable the vulnerable JSON file upload endpoint while maintaining multipart and URL upload functionality.
Configure web server or application firewall to block PUT requests to /api/files/* with JSON content-type
Network access restrictions
Restrict access to the MindsDB file upload API to trusted networks only.
Configure firewall rules to limit access to MindsDB port (default 47334) to authorized IP addresses only
🧯 If You Can't Patch
- Implement strict network segmentation to isolate MindsDB instances from sensitive systems
- Apply strict file system permissions to limit readable files and monitor for unauthorized file access attempts
🔍 How to Verify
Check if Vulnerable:
Check if MindsDB version is below 25.11.1 and if the file upload API is accessible without authentication.
Check Version:
mindsdb --version or check the MindsDB web interface/about page
Verify Fix Applied:
Verify MindsDB version is 25.11.1 or higher and test that path traversal attempts in JSON file uploads are properly rejected.
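What "properly rejected" means in practice is that every requested file name is resolved against the storage root and refused when it lands outside it. The following containment check is an added example written for this page; it is not MindsDB's own code, and the storage root path and the function name are assumptions chosen for illustration.

```python
import os
from typing import Optional

# Constructed storage root used for the demonstration; MindsDB's real
# storage location is not assumed here.
STORAGE_ROOT = "/srv/mindsdb/storage"


def resolve_upload_target(root: str, requested_name: str) -> Optional[str]:
    """Return the absolute path an upload may be written to, or None when the
    requested name escapes the storage root.

    Assumed to run on the already URL-decoded value from the request body;
    checking the raw encoded string would miss forms such as '%2e%2e%2f'.
    """
    # Reject characters that have no place in an upload name: NUL bytes
    # truncate paths in C-level APIs, and backslashes are separators on Windows.
    if not requested_name or "\x00" in requested_name or "\\" in requested_name:
        return None

    root = os.path.realpath(root)
    # os.path.join discards `root` when requested_name is absolute, and
    # realpath collapses every '..' segment, so an escaping name resolves to a
    # location outside `root` and is caught by the containment check below.
    target = os.path.realpath(os.path.join(root, requested_name))

    if target == root:
        return None  # the root directory itself is not a valid upload target
    try:
        if os.path.commonpath([root, target]) != root:
            return None
    except ValueError:
        return None  # different drives on Windows share no common path
    return target


if __name__ == "__main__":
    for name in ["data.csv", "sub/../data.csv", "../../etc/passwd", "/etc/passwd", ".."]:
        print(f"{name!r:>22} -> {resolve_upload_target(STORAGE_ROOT, name)}")
```

A name like `sub/../data.csv` is accepted because it still resolves inside the root; `..`, absolute paths and names that climb above the root are refused. Resolving with `realpath` rather than comparing strings also covers symlinked directories below the root.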
📡 Detection & Monitoring
Log Indicators:
- Unusual file path patterns in upload requests
- Multiple failed file upload attempts with path traversal sequences
- Access to sensitive file paths via file API
Network Indicators:
- Unusual PUT requests to /api/files/* endpoint with JSON content
- Requests containing path traversal sequences like ../ or ..\
SIEM Query:
source="mindsdb" AND (uri_path="/api/files/*" AND http_method="PUT" AND (content_type="application/json" OR body CONTAINS ".."))
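The SIEM query above is a pseudo-query; the script below, an added example that is not part of the original advisory, shows the same logic run over a few constructed JSON-lines proxy log events. The field names (`uri_path`, `content_type`, `body_excerpt`, `src_ip`) are assumptions about a reverse proxy in front of MindsDB, not a MindsDB log format. It goes slightly beyond the page's query by URL-decoding before matching, so encoded forms of `../` and `..\` are caught as well, and it separates a high-severity traversal hit from the lower-severity "any JSON PUT to the file API" signal.

```python
import json
import re
from collections import Counter
from typing import Dict, List
from urllib.parse import unquote

# Constructed sample events (not real MindsDB logs): one benign multipart
# upload, two traversal attempts from one source, a GET, and a JSON PUT
# with no traversal sequence.
SAMPLE_EVENTS = [
    {"ts": "2025-12-01T10:00:01Z", "src_ip": "10.0.0.5", "method": "PUT",
     "uri_path": "/api/files/report", "content_type": "multipart/form-data; boundary=abc",
     "body_excerpt": "", "status": 200},
    {"ts": "2025-12-01T10:00:07Z", "src_ip": "198.51.100.23", "method": "PUT",
     "uri_path": "/api/files/x", "content_type": "application/json",
     "body_excerpt": '{"file": "../../etc/passwd"}', "status": 200},
    {"ts": "2025-12-01T10:00:09Z", "src_ip": "198.51.100.23", "method": "PUT",
     "uri_path": "/api/files/y", "content_type": "application/json",
     "body_excerpt": '{"file": "..%2f..%2fetc%2fhostname"}', "status": 403},
    {"ts": "2025-12-01T10:00:12Z", "src_ip": "10.0.0.8", "method": "GET",
     "uri_path": "/api/files/", "content_type": "", "body_excerpt": "", "status": 200},
    {"ts": "2025-12-01T10:00:15Z", "src_ip": "10.0.0.5", "method": "PUT",
     "uri_path": "/api/files/notes", "content_type": "application/json",
     "body_excerpt": '{"url": "https://example.com/data.csv"}', "status": 200},
]
SAMPLE_LOG = "\n".join(json.dumps(e) for e in SAMPLE_EVENTS)

# Matches the two traversal sequences named in the advisory: '../' and '..\'
TRAVERSAL_RE = re.compile(r"\.\./|\.\.\\")


def has_traversal(value: str) -> bool:
    """True if the value contains a traversal sequence, including URL-encoded
    (and double-encoded) forms such as '%2e%2e%2f' or '..%5c'."""
    decoded = value
    for _ in range(2):          # two rounds cover double encoding
        decoded = unquote(decoded)
    return bool(TRAVERSAL_RE.search(decoded))


def scan_log(text: str) -> List[Dict]:
    """Apply the advisory's detection logic to JSON-lines log text."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        if ev.get("method") != "PUT" or not ev.get("uri_path", "").startswith("/api/files/"):
            continue
        haystack = ev.get("uri_path", "") + " " + ev.get("body_excerpt", "")
        media_type = ev.get("content_type", "").split(";")[0].strip().lower()
        if has_traversal(haystack):
            severity, reason = "high", "path traversal sequence in file upload request"
        elif media_type == "application/json":
            severity, reason = "medium", "JSON-bodied PUT to file upload API"
        else:
            continue
        findings.append({"ts": ev.get("ts"), "src_ip": ev.get("src_ip"),
                         "uri_path": ev.get("uri_path"), "status": ev.get("status"),
                         "severity": severity, "reason": reason})
    return findings


def repeat_offenders(findings: List[Dict], threshold: int = 2) -> List[str]:
    """Sources with at least `threshold` high-severity hits (the advisory's
    'multiple failed attempts' indicator, counted regardless of status)."""
    counts = Counter(f["src_ip"] for f in findings if f["severity"] == "high")
    return sorted(ip for ip, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    hits = scan_log(SAMPLE_LOG)
    for h in hits:
        print(f'{h["ts"]} {h["src_ip"]:<15} {h["severity"]:<6} {h["uri_path"]} ({h["reason"]})')
    print("repeat offenders:", repeat_offenders(hits))
```

Note that the 403 on the second traversal attempt still counts: a rejected request is evidence of probing, and a source that repeats it is the one worth escalating. The JSON-PUT signal on its own will include legitimate URL-based uploads, which is why it is kept at a lower severity than a decoded traversal match.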