Critical File Path Injection Vulnerability Found in MindsDB SQL Server

CVE: CVE-2023-50731
CVSS (v3.1): 9.1
Source: CVE-2023-50731

MindsDB is an open source SQL server for artificial intelligence applications. Researchers recently discovered a serious file path injection vulnerability that could allow attackers to write arbitrary files to the server’s file system.

The vulnerability resides in MindsDB’s API file handling code. When uploading files, the code fails to sanitize user-provided file names before using them to create temporary files. This allows an attacker to craft filenames that can navigate up the directory tree and write files anywhere on the server.

Even though MindsDB later checks the file type, by that point the malicious file has already been written. And since the temporary directory cleanup also uses the injected path, it fails to delete files written outside the expected location.

Attackers could exploit this to write malicious scripts, configuration files, or even overwrite critical system files. They would then have full control of the server and access to all its data and systems.

MindsDB has released an update that fixes the path sanitization, and users are advised to update immediately. Admins should also review server access controls and monitor for any unusual files written in system folders. With AI systems increasingly used for critical tasks, it is important that projects address security thoroughly to prevent exploits.
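The following sketch shows the kind of upload handling that closes the gap described above: the name is reduced and checked before anything is written, and cleanup targets the directory the server created. It is an added example, not MindsDB's actual patch; `safe_upload_path`, `store_upload` and the `ALLOWED_SUFFIXES` allow-list are hypothetical names chosen for illustration.

```python
import shutil
import tempfile
from pathlib import Path

ALLOWED_SUFFIXES = {".csv", ".json", ".xlsx"}  # assumed allow-list for this sketch


class UnsafeFilename(ValueError):
    """Raised when a client-supplied name cannot be used safely."""


def safe_upload_path(tmp_dir: str, client_name: str) -> Path:
    """Map a client-supplied file name to a path guaranteed to sit inside tmp_dir."""
    # Normalise both separator styles, then keep only the final component.
    name = client_name.replace("\\", "/").rsplit("/", 1)[-1]
    if name in ("", ".", "..") or "\x00" in name:
        raise UnsafeFilename(client_name)
    # Check the file type before anything touches the disk.
    if Path(name).suffix.lower() not in ALLOWED_SUFFIXES:
        raise UnsafeFilename(client_name)
    base = Path(tmp_dir).resolve()
    target = (base / name).resolve()
    # Defence in depth: the resolved target must still be under the temp dir.
    if base not in target.parents:
        raise UnsafeFilename(client_name)
    return target


def store_upload(client_name: str, data: bytes) -> bytes:
    """Write the upload into a private temp dir, read it back, always clean up."""
    tmp_dir = tempfile.mkdtemp(prefix="upload_")
    try:
        target = safe_upload_path(tmp_dir, client_name)
        target.write_bytes(data)
        return target.read_bytes()
    finally:
        # Cleanup is keyed on the directory we created, never on the client path.
        shutil.rmtree(tmp_dir, ignore_errors=True)
```

A plain `os.path.join(tmp_dir, client_name)` with no such check is what lets a name containing `../` resolve outside the temporary directory.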
