A critical vulnerability has been identified in the LangChain-ChatGLM-Webui application, assigned CVE-2025-45150. This flaw stems from insecure permissions that allow an unauthenticated attacker to view and download any file on the server by sending a specially crafted request. Successful exploitation could lead to a complete loss of confidentiality, exposing sensitive data, system credentials, and intellectual property.

The vulnerability is a path traversal or insecure direct object reference (IDOR) flaw within the LangChain-ChatGLM-Webui application. The application fails to properly validate user-supplied input for file paths, allowing an attacker to craft a request that navigates outside of the intended web root directory. By manipulating a parameter in an HTTP request with sequences like ../, an attacker can access and download arbitrary files from the underlying server's file system, such as configuration files, source code, or sensitive operating system files like /etc/passwd.

This vulnerability is rated as critical severity with a CVSS score of 9.8. Exploitation can lead to severe and direct business impact, including the exfiltration of highly sensitive corporate data, customer personally identifiable information (PII), intellectual property, and application credentials stored on the server. The consequences of such a data breach include significant financial loss, severe reputational damage, loss of customer trust, and potential regulatory fines for non-compliance with data protection standards.

Immediate Action: Immediately update all instances of LangChain-ChatGLM-Webui to a patched version released after commit ef829, as recommended by the vendor. After patching, it is crucial to review web server and application access logs for any signs of exploitation that may have occurred prior to remediation.

Proactive Monitoring: Security teams should implement monitoring rules to detect exploitation attempts. Look for unusual requests in web server logs containing path traversal patterns (e.g., ../, ..%2f, absolute file paths). Monitor for anomalous outbound network traffic from affected servers, which could indicate data exfiltration.

Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with strict rules to block path traversal attack patterns. Additionally, enforce the principle of least privilege by ensuring the service account running the web application has read/write access only to the directories it absolutely requires, limiting the impact of a successful exploit.

Public Exploit Available: false

Given the critical CVSS score of 9.8 and the high risk of sensitive data exfiltration, this vulnerability poses a severe threat to the organization. We strongly recommend that all vulnerable instances of LangChain-ChatGLM-Webui be identified and patched immediately. Due to the ease of exploitation, this vulnerability should be treated as the highest priority for remediation. While not yet on the CISA KEV list, its characteristics make it a prime candidate for future inclusion and widespread exploitation.