CVE-2025-32779

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-32779
E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the `/backup/import` API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability. Although the application runs as a non-root user (`185`), limiting direct impact on system-level files, this vulnerability can still be exploited to overwrite application files (e.g., JAR libraries) owned by the application user. This overwrite can potentially lead to Remote Code Execution (RCE) within the application's context. This issue has been patched in version 5.5.0.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/labsai/EDDI/commit/1e207d0e4f72a5a93920bc0f76cad53ffd8e7065
https://github.com/labsai/EDDI/security/advisories/GHSA-9v34-frgq-63mv
https://www.sonarsource.com/blog/code-security-for-conversational-ai-uncovering-a-zip-slip-in-eddi
Configurations

No configuration.

History

27 Oct 2025, 15:15

Type Values Removed Values Added
References
  • () https://www.sonarsource.com/blog/code-security-for-conversational-ai-uncovering-a-zip-slip-in-eddi -
Summary
  • (es) E.D.D.I (Enhanced Dialog Driven Interface) es un middleware para conectar y administrar bots de la API LLM. En versiones anteriores a la 5.5.0, un atacante con acceso al endpoint de la API `/backup/import` podía escribir archivos arbitrarios fuera del directorio de extracción previsto debido a una vulnerabilidad de Zip Slip. Aunque la aplicación se ejecuta como un usuario no root (`185`), lo que limita el impacto directo en los archivos del sistema, esta vulnerabilidad puede explotarse para sobrescribir archivos de la aplicación (p. ej., librerías JAR) propiedad del usuario. Esta sobrescritura puede provocar la ejecución remota de código (RCE) dentro del contexto de la aplicación. Este problema se ha corregido en la versión 5.5.0.

15 Apr 2025, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-15 17:15

Updated : 2025-10-27 15:15

NVD link : CVE-2025-32779

Mitre link : CVE-2025-32779

CVE.ORG link : CVE-2025-32779

JSON object : View

Products Affected

No product.

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')