Description
SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery (SSRF) vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the /api/v1/datasource/check endpoint by configuring a forged MySQL data source with a malicious parameter extraJdbc="local_infile=1". When the SQLBot backend attempts to verify the connectivity of this data source, an attacker-controlled Rogue MySQL server issues a malicious LOAD DATA LOCAL INFILE command during the MySQL handshake. This forces the target server to read arbitrary files from its local filesystem (such as /etc/passwd or configuration files) and transmit the contents back to the attacker. This issue was fixed in version 1.7.0.
Published: 2026-03-20
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Read
Action: Apply Patch
AI Analysis

Impact

SQLBot, an intelligent data query system, contains a server‑side request forgery flaw that lets an attacker configure a forged MySQL data source with a malicious parameter. During connectivity checks, the backend handshakes with a rogue MySQL server that issues a LOAD DATA LOCAL INFILE command, forcing the SQLBot server to read any file it can access and return the contents to the attacker. This yields arbitrary file read, compromising sensitive configuration, credential, or user data.

Affected Systems

The vulnerability affects all releases of SQLBot before version 1.7.0, including the dataease:SQLBot product. It applies to environments that expose the /api/v1/datasource/check endpoint and permit configuration of external MySQL data sources with the local_infile option enabled.

Risk and Exploitability

The CVSS score of 8.7 classifies the flaw as high severity. EPSS is below 1%, indicating that exploiting this vulnerability is currently unlikely, and it is not listed in the CISA KEV catalog. Nevertheless, the attack can be carried out remotely by sending a crafted request to the exposed endpoint; the attacker only needs to set up a rogue MySQL server with the malicious LOAD DATA LOCAL INFILE statement. Because the flaw succeeds in reading arbitrary files, the potential impact on confidentiality is significant, and the exploitation does not require privileged access beyond the exposed API.

Generated by OpenCVE AI on March 23, 2026 at 18:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade SQLBot to version 1.7.0 or later to eliminate the SSRF and local file read vulnerability.
  • Disable the local_infile option or block external MySQL connections used in data source configurations if upgrade is not immediately feasible.
  • Restrict access to the /api/v1/datasource/check endpoint to trusted administrators or network segments.
  • Monitor logs for unexpected LOAD DATA LOCAL INFILE usage and unauthorized data source checks.

Generated by OpenCVE AI on March 23, 2026 at 18:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 23 Mar 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Fit2cloud
Fit2cloud sqlbot
CPEs cpe:2.3:a:fit2cloud:sqlbot:*:*:*:*:*:*:*:*
Vendors & Products Fit2cloud
Fit2cloud sqlbot
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Fri, 20 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 20 Mar 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Dataease
Dataease sqlbot
Vendors & Products Dataease
Dataease sqlbot

Fri, 20 Mar 2026 04:45:00 +0000

Type Values Removed Values Added
Description SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery (SSRF) vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the /api/v1/datasource/check endpoint by configuring a forged MySQL data source with a malicious parameter extraJdbc="local_infile=1". When the SQLBot backend attempts to verify the connectivity of this data source, an attacker-controlled Rogue MySQL server issues a malicious LOAD DATA LOCAL INFILE command during the MySQL handshake. This forces the target server to read arbitrary files from its local filesystem (such as /etc/passwd or configuration files) and transmit the contents back to the attacker. This issue was fixed in version 1.7.0.
Title SQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQL
Weaknesses CWE-73
CWE-918
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Dataease Sqlbot
Fit2cloud Sqlbot
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-20T19:50:35.555Z

Reserved: 2026-03-17T00:05:53.284Z

Link: CVE-2026-32949

cve-icon Vulnrichment

Updated: 2026-03-20T19:50:19.414Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-20T05:16:14.387

Modified: 2026-03-23T17:35:16.990

Link: CVE-2026-32949

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T14:09:21Z

Weaknesses