Impact
- Description
SQLBot version 1.3.0 and earlier contains a missing authentication vulnerability in the /api/v1/datasource/uploadExcel endpoint, allowing a remote unauthenticated attacker to upload arbitrary Excel/CSV files and inject data directly into the PostgreSQL database.
The endpoint is explicitly added to the authentication whitelist at backend/common/utils/whitelist.py:36, causing the TokenMiddleware at backend/apps/system/middleware/auth.py:32 to bypass all token validation. Uploaded files are parsed by pandas and inserted into the database via to_sql() with if_exists='replace' mode.
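As an added illustration (not SQLBot's own code), the following models a whitelist-first token middleware of the kind described above and audits the exemption list for routes that perform writes; the paths, header name and token value are constructed assumptions, not the project's real identifiers.

```python
# Added example: a whitelist-first token check and an audit of the exemptions.
# Paths, the Authorization header and the token value are assumptions for the demo.
from dataclasses import dataclass, field
import re

# Constructed whitelists: the weak one exempts the upload route, as the advisory describes.
WEAK_WHITELIST = ["/api/v1/login", "/api/v1/datasource/uploadExcel", "/docs"]
FIXED_WHITELIST = ["/api/v1/login", "/docs"]

# Heuristic: an exempted path whose name suggests an upload or write is suspicious.
WRITE_HINT = re.compile(r"upload|import|create|update|delete|datasource", re.I)


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)


def token_is_valid(token):
    """Stand-in for real token verification (assumed secret for the example)."""
    return token == "Bearer valid-token"


def authorize(request, whitelist):
    """Mirror the bypass: a whitelisted path never reaches token validation.

    Returns (allowed, reason) so callers can log why a request passed."""
    if request.path in whitelist:
        return True, "whitelisted"
    token = request.headers.get("Authorization")
    if token is None:
        return False, "missing token"
    if not token_is_valid(token):
        return False, "invalid token"
    return True, "token ok"


def audit_whitelist(whitelist):
    """Return exempted paths that look like state-changing endpoints."""
    return [p for p in whitelist if WRITE_HINT.search(p)]


if __name__ == "__main__":
    anon_upload = Request("POST", "/api/v1/datasource/uploadExcel")
    print(authorize(anon_upload, WEAK_WHITELIST))   # (True, 'whitelisted')
    print(authorize(anon_upload, FIXED_WHITELIST))  # (False, 'missing token')
    print(audit_whitelist(WEAK_WHITELIST))          # ['/api/v1/datasource/uploadExcel']
```

Running `audit_whitelist` against the real exemption list is a quick way to spot write-capable routes that have been placed outside authentication.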
- Impact
Allows unauthenticated attackers to inject arbitrary data into the application database, potentially leading to stored XSS attacks, data poisoning of AI/LLM components, database pollution, and disk exhaustion (uploaded files are never deleted).
- POC
```bash
# Upload malicious CSV without authentication
curl -X POST "http://<target>:8000/api/v1/datasource/uploadExcel" \
  -F "file=@malicious.csv"
```
Expected Response (HTTP 200):
```json
{
  "code": 0,
  "data": {
    "filename": "malicious_a1b2c3d4e5.csv",
    "sheets": [
      {
        "tableName": "Sheet1_bcd95768bc",
        "tableComment": ""
      }
    ]
  },
  "msg": null
}
```
Affected versions: < 1.5.0
Patches
The vulnerability has been fixed in v1.5.0.
Workarounds
Upgrade to v1.5.0.
References
If you have any questions or comments about this advisory:
Open an issue in https://github.com/dataease/sqlbot
Email us at wei@fit2cloud.com