CVE-2024-5334
Published: 27 June 2024
Summary
CVE-2024-5334 is a high-severity External Control of File Name or Path (CWE-73) vulnerability in Stitionai Devika. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). The CVE ranks in the top 1.6% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
This vulnerability is AI-related: it is categorised under Enterprise AI Assistants, in the Privacy and Disclosure risk domain.
Deeper analysis
CVE-2024-5334 is a local file read vulnerability in the stitionai/devika repository affecting its latest version. The flaw stems from improper handling of the snapshot_path parameter in the /api/get-browser-snapshot endpoint, which permits an attacker to supply an arbitrary path and retrieve file contents from the underlying system. The issue is tracked under CWE-73 and carries a CVSS 3.0 score of 7.5.
An unauthenticated remote attacker can exploit the vulnerability by sending a crafted HTTP request containing a malicious snapshot_path value. Successful exploitation grants read access to any file on the server filesystem, exposing sensitive configuration data, source code, or credentials without requiring user interaction or elevated privileges.
Public references point to a fix merged in commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 of the devika repository, which addresses the path-handling logic in the affected endpoint. The same change is referenced in the associated huntr.dev bounty report.
The EPSS score for this CVE currently stands at 0.6275, matching its observed peak.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-46559
Vulnerability details
A local file read vulnerability exists in the stitionai/devika repository, affecting the latest version. The vulnerability is due to improper handling of the 'snapshot_path' parameter in the '/api/get-browser-snapshot' endpoint. An attacker can exploit this vulnerability by crafting a request with a malicious 'snapshot_path' parameter, leading to arbitrary file read from the system. This issue impacts the security of the application by allowing unauthorized access to sensitive files on the server.
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain: Privacy and Disclosure
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: stitionai/devika is an open-source AI agentic software engineer (AI coding assistant), fitting Enterprise AI Assistants; the vulnerability was reported on the AI/ML bug bounty platform huntr.com.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
LFI vulnerability via public-facing API endpoint (T1190) enables arbitrary local file reads for data collection (T1005), file/directory discovery (T1083), and credential access from files (T1081).
Affected Assets
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Rejects externally supplied file or resource identifiers that fail validity checks.
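The control above, applied to the request parameter this CVE concerns, is illustrated by the following added example. It is not Devika's code or the referenced fix; the snapshot directory, the `.png` suffix allow-list and the helper names are assumptions made for the example.

```python
import os
import tempfile


def resolve_snapshot_path(snapshot_dir: str, requested: str) -> str:
    """Return an absolute path inside snapshot_dir for a client-supplied
    snapshot name, or raise ValueError if the value fails validity checks.
    Hypothetical helper written for this example, not Devika's own."""
    if not requested or "\x00" in requested:
        raise ValueError("empty or NUL-containing path")
    # Clients may only name a file relative to the snapshot directory.
    if os.path.isabs(requested):
        raise ValueError("absolute paths are not accepted")
    base = os.path.realpath(snapshot_dir)
    # realpath collapses '..' segments and follows symlinks, so a link planted
    # inside the directory cannot redirect the read elsewhere.
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath, not startswith: '/snapshots2' must not pass for '/snapshots'.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes the snapshot directory")
    # Allow-list the file type the endpoint serves ('.png' assumed here).
    if not candidate.endswith(".png"):
        raise ValueError("unexpected snapshot file type")
    return candidate


def is_valid_snapshot_path(snapshot_dir: str, requested: str) -> bool:
    """Boolean form of the check, convenient for logging rejected requests."""
    try:
        resolve_snapshot_path(snapshot_dir, requested)
        return True
    except ValueError:
        return False


def read_snapshot(snapshot_dir: str, requested: str) -> bytes:
    """Read a snapshot only after its path has passed the validity checks."""
    with open(resolve_snapshot_path(snapshot_dir, requested), "rb") as fh:
        return fh.read()


def demo() -> dict:
    """Constructed inputs against a temporary snapshot directory; returns
    which requests were served."""
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "page.png"), "wb") as fh:
            fh.write(b"\x89PNG constructed")
        served = {}
        for req in ["page.png", "../page.png", "/etc/hostname", "page.txt"]:
            served[req] = is_valid_snapshot_path(d, req) and \
                read_snapshot(d, req) == b"\x89PNG constructed"
        return served
```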