CVE-2026-39305
PraisonAI · PraisonAI
A Path Traversal vulnerability in the PraisonAI Action Orchestrator allows attackers to read or write arbitrary files on the host system.
Executive summary
A critical Path Traversal flaw in PraisonAI enables attackers to overwrite sensitive files or execute payloads via the Action Orchestrator.
Vulnerability
The Action Orchestrator fails to sanitize input paths, permitting the use of directory traversal sequences (../). This allows an attacker to escape the designated workspace directory and perform unauthorized file system operations.
Business impact
With a CVSS score of 9.0, this vulnerability allows for significant system-level impact. Attackers can gain persistence, modify configuration files, or overwrite binaries, leading to total compromise of the PraisonAI host.
Remediation
Immediate Action: Upgrade PraisonAI to version 1.5.113 or later to patch the path validation logic.
Proactive Monitoring: Monitor file system activity logs for unauthorized modifications to sensitive directories and binary files.
Compensating Controls: Run the application within a containerized environment with a read-only root file system and strictly limited volume mounts.
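The containment check that the "path validation logic" in the fix has to perform, as an added example written for this page and not PraisonAI's own code: every path an orchestrator action supplies is resolved against the workspace root and rejected if it lands outside. It goes beyond the plain `../` case the advisory names and also handles absolute paths, symlinks and sibling directories that share the workspace's name as a prefix; the function names and the `/tmp/ws_demo` workspace are assumptions.

```python
"""Workspace-confined path resolution (added example, not PraisonAI's code)."""
from __future__ import annotations

import os
from pathlib import Path


class WorkspaceEscape(ValueError):
    """Raised when a requested path would land outside the workspace."""


def unsafe_join(workspace: str, requested: str) -> str:
    """The vulnerable pattern: a naive join with no containment check.

    '../' components (and absolute paths) are honoured, so the result can be
    anywhere on the host. Shown only for contrast with the hardened version.
    """
    return os.path.normpath(os.path.join(workspace, requested))


def resolve_in_workspace(workspace: str, requested: str) -> Path:
    """Hardened resolution: return the real path, or raise WorkspaceEscape.

    - resolve() follows symlinks, so a link inside the workspace that points
      outside is caught as well as a literal '../' sequence.
    - is_relative_to() compares whole path components, so a sibling such as
      '/tmp/ws_demo2' is not mistaken for '/tmp/ws_demo' by a prefix test.
    - An absolute `requested` path is re-rooted under the workspace instead
      of being honoured as-is.
    """
    root = Path(workspace).resolve()
    rel = Path(requested)
    if rel.is_absolute():
        rel = rel.relative_to(rel.anchor)  # strip the leading '/' (or drive)
    candidate = (root / rel).resolve()
    if not candidate.is_relative_to(root):
        raise WorkspaceEscape(f"{requested!r} resolves outside {root}")
    return candidate


def is_confined(workspace: str, requested: str) -> bool:
    """Boolean convenience wrapper: True only if the path stays inside."""
    try:
        resolve_in_workspace(workspace, requested)
        return True
    except WorkspaceEscape:
        return False
```

Requires Python 3.9 or later for `Path.is_relative_to`; the hardened function should be the only way actions obtain a filesystem path.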
Exploitation status
Public Exploit Available: No
Analyst recommendation
Path traversal vulnerabilities in orchestration systems are extremely dangerous. Organizations must upgrade to version 1.5.113 immediately to prevent potential remote code execution or system file tampering.