repository icon
modelscope / agentscope Project repository

Start building LLM-empowered multi-agent applications in an easier way.

Submit a report

FIRST INTERACTION

WITHIN7 DAYS

REVIEW

WITHIN11 DAYS

FIX

WITHINN/A DAYS

XSS through Run the workflow
360vulnerabilityresearchinstitute
duplicate
Medium
RCE in call_agent_func Function Due to Unsafe Pickle Deserialization
revenge-fox
duplicate
Critical
RCE in _process_task Function Due to Unsafe Pickle Deserialization
revenge-fox
duplicate
Critical
Arbitrary File Deletion
ajmalabubakkr
duplicate
Critical
Remote code execution via the `/RpcAgent/call_agent_func` rpc endpoint
williwollo
duplicate
Critical
RCE in create_agent Function Due to Unsafe Pickle Deserialization
revenge-fox
duplicate
Critical
Arbitrary json file write via the `/save-workflow` endpoint.
williwollo
duplicate
Critical
Arbitrary json file read via the `/load-workflow` endpoint
williwollo
duplicate
High
Arbitrary file deletion via `/delete-workflow` endpoint
williwollo
duplicate
Critical
Remote code execution vulnerability due to the /convert-to-py-and-run interface...
eggdkk
duplicate
Critical
Arbitrary json file reading
nduy2110
duplicate
High
Arbitrary file deleting
nduy2110
duplicate
Critical
Arbitrary json file write/overwrite
nduy2110
duplicate
High
JSON File Write on Arbitrary Locations
ajmalabubakkr
duplicate
High
Delete Arbitrary file in the filesystem at /delete-workflow
insomniahax
duplicate
Critical
Create/Overwrite any json file in local filesystem at /save-workflow
insomniahax
duplicate
High
Read any local json file via path traversal on /load-workflow
insomniahax
duplicate
High
An unexpected POST request causes the server to shut down
nduy2110
informative
High
RCE in convert-to-py endpoint
nduy2110
duplicate
Critical
Arbitrary File Read For JSON Files
jkylekelly
duplicate
High
Arbitrary File Deletion via /delete-workflow
jkylekelly
duplicate
Critical
Stored XSS in /save-workflow endpoint
anandsreekumaras
duplicate
High
Arbitrary file read in distributed setup
lager1
duplicate
High
Model configuration file secret leak via path traversal
h2oa
duplicate
Critical
Path traversal lead to modify model configuration file
h2oa
duplicate
Critical
Path traversal to delete any file
h2oa
duplicate
Critical
Arbitrary file read caused by lack of restrictions on API parameters.
mouchen626
duplicate
High
Unauthenticated Remote Code Execution via The use of eval in is_callable_express...
aftersnows
duplicate
Critical
Agentscope v0.0.4 Arbitrary File Read Vulnerability
web-hacker-team
duplicate
Critical
agentscope v0.0.4 Arbitrary JSON File Read Vulnerability
web-hacker-team
duplicate
High
agentscope v0.0.4 Arbitrary JSON File Read Vulnerability
web-hacker-team
duplicate
High
agentscope v0.0.4 Arbitrary JSON File Overwrite Vulnerability
web-hacker-team
duplicate
Critical
Arbitrary write anywhere on the server through the /save-workflow endpoint
winters0x64
duplicate
Critical
CORS Misconfiguration which leads to leaking info leading to CSRF
alfinj0se
duplicate
Medium
AgentScope RPC Framework Deserialization Remote-Code execution in modelscope/age...
retr0reg
duplicate
Critical
Server side request forgery
lager1
informative
Medium
Ability to delete any files on the server which could lead to DOS and much more
winters0x64
duplicate
Critical
Stored XSS in the dashboard
alfinj0se
duplicate
Medium
agentscope.studio Path Traversal and Unauthorized File Writing
morphykutay
duplicate
Critical
Local File Read (LFI) via GET /api/file API end point
zpbrent
duplicate
High
Remote Code Execution via POST /convert-to-py API end point
zpbrent
duplicate
Critical
Remote Code Execution via POST /convert-to-py-and-run API end point
zpbrent
duplicate
Critical
0 click RCE by chaining multiple vulnerabilities
winters0x64
duplicate
Critical
Arbitrary File Delete via delete-workflow API end point
zpbrent
duplicate
Critical
arbitrary json file write/read
0xanis
Critical
$900CVE-2024-8551
Path traversal that leads to arbitrary file delete
0xanis
Critical
$900CVE-2024-8537
Local File Read (LFI) via download_file RPC endpoint
zpbrent
duplicate
High
LFI in /load-workflow endpoint allows reading API keys and other files from the...
winters0x64
High
$450CVE-2024-8550
agentscope.studio Path Traversal
morphykutay
duplicate
Critical
LFI in /read-examples endpoint allows reading API keys and other sensitive files
winters0x64
duplicate
High
Local File Read (LFI) by public API `/api/file`
lyutoon
duplicate
High
Remote Code Execution by calling public API `convert-to-py`
lyutoon
duplicate
Critical
Remote Code Execution in /convert-to-py endpoint
winters0x64
duplicate
Critical
Local File Read (LFI) by API leads to Sensitive Information Leak
virusday
duplicate
High
Local File Inclusion in /api/file endpoint which leaks sensitive information lik...
winters0x64
duplicate
High
RPC Framework arbitrary file exposure
retr0reg
duplicate
High
Arbitrary file reading via path traversal
virusday
duplicate
High
AgentScope RPC Framework Deserialization Remote-Code execution
retr0reg
duplicate
Critical
workflowdag -> sanitize_node_data Remote-code execution
retr0reg
duplicate
Critical
Path traversal in '/read-examples'
retr0reg
duplicate
High
Local file inclusion via "/api/file"
retr0reg
duplicate
Critical
Local file inclusion in AgentScope Server
patrik-ha
duplicate
High
Local file inclusion in AgentScope Studio
patrik-ha
duplicate
High
Remote code execution in AgentScope Server through pickle/dill-deserialization
patrik-ha
duplicate
Critical
Code Injection
mvlttt
duplicate
Critical
Local File Inclusion (LFI)
mvlttt
duplicate
High
Path Traversal in /api/file endpoint
rook1337
duplicate
Critical
Unrestricted File Downloads on [GET] /api/file
crackatoa
duplicate
High
Path traversal on src/agentscope/studio/_app.py
crackatoa
duplicate
High
Remote code execution through eager evaluation of workflow arguments
patrik-ha
duplicate
Critical
Stored XSS through run ID
patrik-ha
Medium
$75CVE-2024-8556
Remote code execution through code injection in workflow conversion endpoint
patrik-ha
duplicate
Critical
RCE vulnerability via /convert-to-py-and-run in AgentScope Studio
7resp4ss
duplicate
Critical
Arbitrary File Read vulnerability via AgentScope Studio
7resp4ss
duplicate
Critical
Cross Site Scripting
dan-xzero
informative
Critical
Code Injection at API /convert-to-py
ngductung
duplicate
Critical
Remote Code Execution via Deserialization in RpcAgentServerLauncher of modelscop...
bayuncao
Critical
$900CVE-2024-8502
Code injection to RCE
kienzx203
duplicate
Critical
@_app.route("/api/file", methods=["GET"]) : Path Injection
shyun020
duplicate
Critical
Arbitrary File Download vulnerability in rpc_agent_client
7resp4ss
High
$450CVE-2024-8501
Command injection
dan-xzero
duplicate
Critical
Site-Wide Cross-Site Request Forgery (CSRF)
0xanis
duplicate
High
Remote code execution
lager1
duplicate
Critical
arbitrary json file read
0xanis
duplicate
High
Arbitrary file read in API endpoint `GET /api/file`
lager1
duplicate
High
Local File Inclusion
0xanis
duplicate
High
path traversal in API endpoint `POST /read-examples`
lager1
duplicate
High
Cross origin resource sharing allows interaction from arbitrary origin
lager1
duplicate
Critical
LFI
dan-xzero
duplicate
Critical
CORS can leads to expose the sensitive data
mnqazi
High
$450CVE-2024-8487
CSRF lead to delete server
fewword
duplicate
Critical
Path traversal leads to view any files in some dirs
fewword
duplicate
High
Local File Inclusion (LFI)
mnqazi
duplicate
Critical
Cross Site Scripting in workstation
dan-xzero
duplicate
Critical
Path Traversal in api `/api/messages/run/<id>`
kienzx203
duplicate
High
Path traversal allows reading json files on the system
kienzx203
duplicate
High
agentscope studio rce
muzai
not applicable
agentscope studio arbitrary file read
muzai
duplicate
Critical
path traversal to read any json file from a directory call ```invoke```
ranjit-git
duplicate
Medium
Path Traversal at API /api/invocation
tungpentest
duplicate
High
read any file from a directory
ranjit-git
informative
High
Path traversal leads to view any files in some dirs
fewword
duplicate
High
Path traversal leads to view any files
fewword
duplicate
High
remote code execution possible
ranjit-git
spam
directory traversal to read any local json file
ranjit-git
High
$450CVE-2024-8524
Reflected XSS at function Workstation
ngductung
informative
High
Use of insecure channels between server and agents
lager1
informative
High
local file read
ranjit-git
duplicate
High
CSRF due to overly permissive CORS headers
patrik-ha
High
$450CVE-2024-8489
Os command injection
kienzx203
self closed
Path Traversal in api `/api/file`
ngductung
duplicate
High
Path Traversal in API `/api/file`
duongli99
High
$450CVE-2024-8438