CVE-2025-6166 | frdel Agent-Zero up to 0.8.4 /python/api/image_get.py image_get path path traversal (Issue 383)

Inserito da Angelo Barbosa | Giu 15, 2025 | CVE

A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function image_get of the file /python/api/image_get.py. The manipulation of the argument path leads to path traversal.

The identification of this vulnerability is CVE-2025-6166. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-6166 | frdel Agent-Zero up to 0.8.4 /python/api/image_get.py image_get path path traversal (Issue 383)

Post correlati

CVE-2024-42364 | gethomepage up to 0.9.1 dns rebinding (GHSL-2024-096)

CVE-2023-40078 | Google Android 14 a2dp_vendor_opus_decoder.cc a2dp_vendor_opus_decoder_decode_packet out-of-bounds write

CVE-2024-52398 | Halyra CDI Plugin up to 5.5.3 on WordPress unrestricted upload

CVE-2024-12149 | Devolutions Remote Desktop Manager up to 2024.3.19.0 on Windows Temporary Access Request default permission