CVE-2025-0868

Description

A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0.

References

https://github.com/arc53/DocsGPT

https://cert.pl/posts/2025/02/CVE-2025-0868/

https://cert.pl/en/posts/2025/02/CVE-2025-0868/

مدیریت سرور پشتیبانی و ثبت دامنه – آفاق هاستینگ

نوشته های مشابه

Active! mail vulnerable to stack-based buffer overflow

Multiple vulnerabilities in BizRobo!

TP-Link Deco BE65 Pro vulnerable to OS command injection

spider orange

Next.js Middleware 15.2.2 – Authorization Bypass