VYPR
Medium severity, score 6.3 · OSV Advisory · Published Nov 26, 2024 · Updated Apr 15, 2026

CVE-2024-53844

Description

E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. A path traversal vulnerability exists in the backup export functionality of EDDI, as implemented in RestExportService.java. This vulnerability allows an attacker to access sensitive files on the server by manipulating the botFilename parameter in requests. The application fails to sanitize user input, enabling malicious inputs such as ..%2f..%2fetc%2fpasswd to access arbitrary files. However, the severity of this vulnerability is significantly limited because EDDI typically runs within a Docker container, which provides additional layers of isolation and restricted permissions. As a result, while this vulnerability exposes files within the container, it does not inherently threaten the underlying host system or other containers. A patch is required to sanitize and validate the botFilename input parameter. Users should ensure they are using version 5.4, which contains this patch. For temporary mitigation, access to the vulnerable endpoint should be restricted through firewall rules or authentication mechanisms.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Path traversal in EDDI backup export allows reading arbitrary files inside the Docker container, limited by container isolation.

Vulnerability

CVE-2024-53844 is a path traversal vulnerability in the backup export functionality of EDDI, a middleware for LLM API bots. The flaw resides in RestExportService.java, where the botFilename parameter is not sanitized, allowing an attacker to input sequences like ..%2f..%2fetc%2fpasswd to access files outside the intended directory [1][2].

Exploitation

An attacker can exploit this by sending a crafted HTTP request to the /backup/export endpoint with a manipulated botFilename parameter. No authentication is mentioned as a prerequisite, making the attack surface potentially accessible over the network. However, EDDI typically runs inside a Docker container as a non-root user (UID 185), which restricts file access to those readable by that user within the container [1].

Impact

Successful exploitation leads to unauthorized read access to sensitive files inside the container, such as application configuration, logs, or credentials. This could expose API keys or other secrets stored in the container, and aid in reconnaissance. The impact is limited to the container itself; the host system and other containers remain unaffected due to Docker isolation [1].

Mitigation

The vulnerability is patched in version 5.4 of EDDI [1]. Users should upgrade immediately. As a temporary workaround, restrict network access to the /backup/export endpoint using firewall rules or authentication mechanisms [1].
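The input validation the description and mitigation sections call for, shown as an added defender-side example that is not EDDI's own patch: a backup export handler should decode botFilename once, accept only a bare file name from an allow-list, and then confirm the resolved path still lies inside the backup directory. The class name, the backup directory and the sample file name are assumptions made for this illustration.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

// Hypothetical guard for a botFilename-style parameter; not code from the EDDI project.
public final class BackupPathGuard {
    // Allow-list: only a plain file name, no '/', '\\', '%' or NUL can get through.
    private static final Pattern SAFE_NAME = Pattern.compile("[A-Za-z0-9._-]{1,128}");

    private final Path backupDir;

    public BackupPathGuard(Path backupDir) {
        this.backupDir = backupDir.toAbsolutePath().normalize();
    }

    // Returns the file to serve, or throws if the name is not a safe child of backupDir.
    public Path resolve(String rawBotFilename) {
        if (rawBotFilename == null) {
            throw new IllegalArgumentException("botFilename is required");
        }
        // Decode once so an encoded "..%2f" is judged on what the filesystem would see.
        String name = URLDecoder.decode(rawBotFilename, StandardCharsets.UTF_8);
        if (!SAFE_NAME.matcher(name).matches() || name.equals(".") || name.equals("..")) {
            throw new IllegalArgumentException("invalid botFilename");
        }
        Path candidate = backupDir.resolve(name).normalize();
        // Defence in depth: even after the allow-list, the result must stay inside backupDir.
        if (!candidate.startsWith(backupDir) || candidate.equals(backupDir)) {
            throw new IllegalArgumentException("botFilename escapes backup directory");
        }
        return candidate;
    }

    public static void main(String[] args) {
        // Constructed backup directory and file name for the demonstration.
        BackupPathGuard guard = new BackupPathGuard(Paths.get("/var/lib/eddi/backups"));
        System.out.println("accepted: " + guard.resolve("sales-bot.zip"));
        String[] traversalAttempts = {"..%2f..%2fetc%2fpasswd", "../../etc/passwd", "%2e%2e", "a/b.zip"};
        for (String attempt : traversalAttempts) {
            try {
                guard.resolve(attempt);
                System.out.println("UNEXPECTEDLY ACCEPTED: " + attempt);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + attempt + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

Rejecting the request at the name level also gives the application a clean event to log, which is how a defender spots traversal probing against the export endpoint before any file is read.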

AI Insight generated on May 20, 2026, synthesized from this CVE's description and the cited reference URLs.
