Impact
The vulnerability arises when the nanobot WhatsApp bridge concatenates a document message's fileName field directly into a file system path without sanitization. The path is then passed to Node.js path.join, which resolves any '..' components, allowing an attacker to escape the intended media directory. The attacker also controls the file content, giving them a write-anywhere primitive. By crafting a fileName such as '../../../.ssh/authorized_keys' and sending a suitable document, an attacker can overwrite privileged files or drop malicious payloads, leading to remote code execution or privilege escalation.
Affected Systems
The affected vendor is HKUDS, product nanobot. Versions 0.1.5.post3 and all earlier releases contain the flaw. The product is a personal AI assistant that communicates via WhatsApp.
Risk and Exploitability
With a CVSS score of 8.7, the flaw poses high severity. The EPSS score is unavailable and the vulnerability is not listed in CISA's KEV catalog, but the path traversal and arbitrary write mechanism make exploitation straightforward for a sender controlling WhatsApp messages. The likely attack vector involves an attacker sending a crafted document through the WhatsApp bridge. Successful exploitation could enable remote code execution or compromise system files such as SSH authorized_keys.
OpenCVE Enrichment