CVE-2024-5547 - Vulnerability Details - OpenCVE

A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting the latest version. The vulnerability arises due to insufficient sanitization of the 'project_name' parameter in the download_project_pdf function. Attackers can exploit this flaw by manipulating the 'project_name' parameter in a GET request to traverse the directory structure and download arbitrary PDF files from the system. This issue allows attackers to access sensitive information that could be stored in PDF format outside the intended directory.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Stitionai	Devika

Configuration 1 [-]

cpe:2.3:a:stitionai:devika:1.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2
https://huntr.com/bounties/7ea0eb5f-7643-4452-bc93-a225e2090283

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.0041}`	epss `{'score': 0.00447}`

Tue, 15 Jul 2025 15:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Stitionai Stitionai devika
CPEs		cpe:2.3:a:stitionai:devika:1.0:::::::*
Vendors & Products		Stitionai Stitionai devika

MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-06-27T17:33:35.488Z

Updated: 2024-08-01T21:18:06.450Z

Reserved: 2024-05-30T19:10:14.492Z

Link: CVE-2024-5547

Vulnrichment

Updated: 2024-08-01T21:18:06.450Z

NVD

Status : Analyzed

Published: 2024-06-27T18:15:20.493

Modified: 2025-07-15T15:37:21.163

Link: CVE-2024-5547

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5547", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-05-30T19:10:14.492Z", "datePublished": "2024-06-27T17:33:35.488Z", "dateUpdated": "2024-08-01T21:18:06.450Z"}, "containers": {"cna": {"title": "Directory Traversal in stitionai/devika", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-07-12T07:41:27.139Z"}, "descriptions": [{"lang": "en", "value": "A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting the latest version. The vulnerability arises due to insufficient sanitization of the 'project_name' parameter in the download_project_pdf function. Attackers can exploit this flaw by manipulating the 'project_name' parameter in a GET request to traverse the directory structure and download arbitrary PDF files from the system. This issue allows attackers to access sensitive information that could be stored in PDF format outside the intended directory."}], "affected": [{"vendor": "stitionai", "product": "stitionai/devika", "versions": [{"version": "unspecified", "lessThan": "-", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/7ea0eb5f-7643-4452-bc93-a225e2090283"}, {"url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-23 Relative Path Traversal", "cweId": "CWE-23"}]}], "source": {"advisory": "7ea0eb5f-7643-4452-bc93-a225e2090283", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "stitionai", "product": "devika", "cpes": ["cpe:2.3:a:stitionai:devika:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-09T20:32:24.866968Z", "id": "CVE-2024-5547", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-10T14:15:03.362Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:18:06.450Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/7ea0eb5f-7643-4452-bc93-a225e2090283", "tags": ["x_transferred"]}, {"url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/7ea0eb5f-7643-4452-bc93-a225e2090283", "tags": ["x_transferred"]}, {"url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:18:06.450Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5547", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-09T20:32:24.866968Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:stitionai:devika:*:*:*:*:*:*:*:*"], "vendor": "stitionai", "product": "devika", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:12:28.604Z"}}], "cna": {"title": "Directory Traversal in stitionai/devika", "source": {"advisory": "7ea0eb5f-7643-4452-bc93-a225e2090283", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "stitionai", "product": "stitionai/devika", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "-", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/7ea0eb5f-7643-4452-bc93-a225e2090283"}, {"url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2"}], "descriptions": [{"lang": "en", "value": "A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting the latest version. The vulnerability arises due to insufficient sanitization of the 'project_name' parameter in the download_project_pdf function. Attackers can exploit this flaw by manipulating the 'project_name' parameter in a GET request to traverse the directory structure and download arbitrary PDF files from the system. This issue allows attackers to access sensitive information that could be stored in PDF format outside the intended directory."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-23", "description": "CWE-23 Relative Path Traversal"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-07-12T07:41:27.139Z"}}}, "cveMetadata": {"cveId": "CVE-2024-5547", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:18:06.450Z", "dateReserved": "2024-05-30T19:10:14.492Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-06-27T17:33:35.488Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:stitionai:devika:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E48B4C29-E925-4C73-BFC6-83FAF8741CCC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting the latest version. The vulnerability arises due to insufficient sanitization of the 'project_name' parameter in the download_project_pdf function. Attackers can exploit this flaw by manipulating the 'project_name' parameter in a GET request to traverse the directory structure and download arbitrary PDF files from the system. This issue allows attackers to access sensitive information that could be stored in PDF format outside the intended directory."}, {"lang": "es", "value": "Existe una vulnerabilidad de directory traversal en el endpoint /api/download-project-pdf del repositorio stitionai/devika, que afecta a la \u00faltima versi\u00f3n. La vulnerabilidad surge debido a una desinfecci\u00f3n insuficiente del par\u00e1metro 'project_name' en la funci\u00f3n download_project_pdf. Los atacantes pueden explotar esta falla manipulando el par\u00e1metro 'project_name' en una solicitud GET para recorrer la estructura de directorios y descargar archivos PDF arbitrarios del sistema. Este problema permite a los atacantes acceder a informaci\u00f3n confidencial que podr\u00eda estar almacenada en formato PDF fuera del directorio previsto."}], "id": "CVE-2024-5547", "lastModified": "2025-07-15T15:37:21.163", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-06-27T18:15:20.493", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2"}, {"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/7ea0eb5f-7643-4452-bc93-a225e2090283"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/7ea0eb5f-7643-4452-bc93-a225e2090283"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-23"}], "source": "[email protected]", "type": "Secondary"}]}