Impact
The vulnerability arises because Dagu’s API endpoints for getting, deleting, renaming, and executing DAGs pass the {fileName} URL path parameter directly to the locateDAG function without validating the name. When a user supplies a %2F-encoded forward slash in this segment, the router decodes it to a literal slash before the name is used, so path resolution can step outside the intended DAGs directory. This flaw permits an attacker to read or manipulate files stored outside the DAG workspace, potentially exposing sensitive data or enabling further compromise. The weakness is a path traversal flaw (CWE-22) that compromises the confidentiality and integrity of the underlying file system. The impact can be significant, especially if the application runs with elevated privileges or if critical configuration files are reachable.
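The mechanism above, as an added Go example (not Dagu's own code): a join that trusts the decoded {fileName} segment beside a hardened lookup that rejects separators and parent references and confirms the result stays under the DAGs directory. The function names, the sample directory and the sample segments are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path/filepath"
	"strings"
)

var ErrInvalidDAGName = errors.New("invalid DAG name")

// decodeSegment models what a router does before the handler sees the name:
// a percent-encoded %2F becomes a literal "/".
func decodeSegment(seg string) (string, error) { return url.PathUnescape(seg) }

// locateDAGUnsafe mirrors the pattern the advisory describes (hypothetical,
// not Dagu's code): the decoded name is joined with no validation, so an
// embedded separator or ".." changes which directory is resolved.
func locateDAGUnsafe(dagsDir, fileName string) string {
	return filepath.Join(dagsDir, fileName)
}

// validateDAGName accepts only a single path component: no separators on
// either platform, no empty or dot-only names, no NUL bytes.
func validateDAGName(name string) error {
	if name == "" || name == "." || name == ".." ||
		strings.ContainsAny(name, "/\\\x00") {
		return ErrInvalidDAGName
	}
	return nil
}

// locateDAGSafe validates the name, then re-checks (defence in depth) that the
// resolved path is still relative to dagsDir without a leading "..".
func locateDAGSafe(dagsDir, fileName string) (string, error) {
	if err := validateDAGName(fileName); err != nil {
		return "", err
	}
	base := filepath.Clean(dagsDir)
	resolved := filepath.Join(base, fileName)
	rel, err := filepath.Rel(base, resolved)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrInvalidDAGName
	}
	return resolved, nil
}

func main() {
	dagsDir := "/var/lib/dagu/dags" // constructed sample directory
	for _, seg := range []string{"daily-backup.yaml", "..%2Fconfig.yaml"} {
		name, _ := decodeSegment(seg)
		safe, err := locateDAGSafe(dagsDir, name)
		fmt.Printf("%-18s unsafe=%s safe=%q err=%v\n", seg, locateDAGUnsafe(dagsDir, name), safe, err)
	}
}
```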
Affected Systems
The affected product is Dagu, a workflow engine with a web interface, provided by the vendor dagu-org. Versions from 2.0.0 up to, but not including, 2.3.1 are vulnerable. Version 2.3.1 and later include a fix that ensures the file name is validated before use.
Risk and Exploitability
The CVSS score of 8.1 indicates a high severity, while the EPSS score of less than 1% suggests exploitation is unlikely at present. The vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be remote, via the exposed HTTP API, as the flaw is triggered by passing a specially crafted URL segment. An attacker can exploit this by constructing a URL that contains %2F-encoded slashes to traverse directories and access unauthorized files on the server.
OpenCVE Enrichment
Github GHSA