Description
A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload Endpoint. The manipulation of the argument File results in sandbox issue. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-04-12
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Potential code execution via sandbox escape
Action: Apply Patch
AI Analysis

Impact

A file upload endpoint in AstrBot’s dashboard allows the modification of the File argument, which the application processes without adequate sandbox protection. By manipulating this argument, an attacker can escape the intended sandbox environment and potentially execute arbitrary code on the server. The vulnerability is exploitable remotely through the web interface and has a publicly available exploit. The description does not confirm that the sandbox escape immediately results in code execution, but it clearly indicates a path for execution beyond normal boundaries.

Affected Systems

The flaw impacts AstrBotDevs AstrBot versions up to 4.22.1. Users of any older release should verify the installed version and plan to upgrade once a fix is released. No newer versions are listed as affected, so a version newer than 4.22.1 is presumed safe unless future releases reintroduce the issue.

Risk and Exploitability

The CVSS score of 5.3 reflects moderate severity. No EPSS score is available, and the vulnerability is not cataloged in CISA’s KEV list. Because the attack vector is remote and the exploit is publicly disclosed, the likelihood of exploitation is non-negligible. Administrators should treat the exposed sandbox as a tangible risk to service integrity and potential confidentiality breaches.

Generated by OpenCVE AI on April 12, 2026 at 06:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade AstrBot to a version newer than 4.22.1 as soon as it is available.
  • Restrict network access to the install-upload endpoint using firewall rules or access control lists.
  • Monitor system logs for unexpected plugin upload activity and respond if suspicious patterns are detected.



Advisories

No advisories yet.

History

Wed, 15 Apr 2026 16:15:00 +0000

Type | Values Removed | Values Added
Metrics | (none) | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 12 Apr 2026 05:00:00 +0000

Type | Values Removed | Values Added
Description | (none) | A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload Endpoint. The manipulation of the argument File results in sandbox issue. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Title | (none) | AstrBotDevs AstrBot install-upload Endpoint plugin.py install_plugin_upload sandbox
First Time appeared | (none) | Astrbot; Astrbot astrbot
Weaknesses | (none) | CWE-264; CWE-265
CPEs | (none) | cpe:2.3:a:astrbot:astrbot:*:*:*:*:*:*:*:*
Vendors & Products | (none) | Astrbot; Astrbot astrbot
References | (none) | (none)
Metrics | (none) | cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
Metrics | (none) | cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
Metrics | (none) | cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
Metrics | (none) | cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-15T15:18:45.908Z

Reserved: 2026-04-11T08:50:17.695Z

Link: CVE-2026-6117

Vulnrichment

Updated: 2026-04-15T15:18:40.510Z

NVD

Status: Deferred

Published: 2026-04-12T05:16:01.287

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-6117

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-04-13T12:56:16Z

Weaknesses