KnowAgent is vulnerable to Information Disclosure, and it results to attackers can read arbitrary files.

1) When I study the source code of KnowAgent, the file-content route in NormalLogCollectTaskController.java gets my attention. It seems to be a file read function.
![image](https://github.com/didi/KnowAgent/assets/5965134/b4e9879f-4876-4969-a3b9-5d7060b24184)
2）Then I access the route via http request. It is a vulnerability which leads to an arbitrary file reading.
The request URL is http://116.85.4.122:9010/api/v1/normal/collect-task/file-content?hostName=127.0.0.1&path=/etc/passwd
![image](https://github.com/didi/KnowAgent/assets/5965134/30638cdb-e6d9-4aa6-ac93-6d3c605fbdc1)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

KnowAgent is vulnerable to Information Disclosure, and it results to attackers can read arbitrary files. #40

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

KnowAgent is vulnerable to Information Disclosure, and it results to attackers can read arbitrary files. #40

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions