CVE-2024-9418
Published: 20 March 2025
Summary
CVE-2024-9418 is a medium-severity Plaintext Storage of a Password (CWE-256) vulnerability in SuperAGI (transformeroptimus/superagi). Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Credential Access (T1212). It is ranked at the 47.0th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-6846
Vulnerability details
In version 0.0.14 of transformeroptimus/superagi, the API endpoint `/api/users/get/{id}` returns the requested user's record with the password field in plaintext. Any caller who can reach the endpoint and supply another user's id can therefore read that user's password, leading to potential account takeover. Because the value comes back verbatim, the password is necessarily held in plaintext (or reversibly) on the server side, which is the CWE-256 weakness; the fix is both to stop storing a recoverable password and to keep the password column out of the response model entirely.
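The following is an added example, not code from SuperAGI or the advisory. It models the leaky lookup described above in plain Python (no web framework needed): a row that carries the plaintext password is serialized wholesale, so the password rides along in the response. Beside it is the hardened form that serves both this finding and the mitigating control listed further down: an explicit allow-list of response fields, an ownership check, and salted PBKDF2 storage so no plaintext exists to leak. The `User` fields, the `USERS` table, the sample passwords and the `requester_id`/`requester_is_admin` access policy are all constructed assumptions for the demo.

```python
"""Added example (not the project's code): plaintext password exposure through a
user-lookup endpoint, and the hardened equivalent."""
import hashlib
import hmac
import os
from dataclasses import dataclass, asdict
from typing import Optional, Tuple


@dataclass
class User:
    """Hypothetical ORM row; field names are assumptions for this demo."""
    id: int
    name: str
    email: str
    password: str  # vulnerable design: the plaintext password lives in the row


# Constructed sample rows; "hunter2" and "s3cret" stand in for real user passwords.
USERS = {
    1: User(1, "alice", "alice@example.com", "hunter2"),
    2: User(2, "bob", "bob@example.com", "s3cret"),
}


def get_user_vulnerable(user_id: int) -> Optional[dict]:
    """Models GET /api/users/get/{id} as described in the advisory: the whole row is
    serialized, so the password field is returned to whoever asks."""
    user = USERS.get(user_id)
    return None if user is None else asdict(user)


# --- Fix part 1: explicit response allow-list plus an ownership check --------
PUBLIC_FIELDS = ("id", "name", "email")


def get_user_fixed(user_id: int, requester_id: int,
                   requester_is_admin: bool = False) -> Optional[dict]:
    """Same lookup, hardened: only allow-listed fields are serialized, and a user may
    read only their own record unless they are an admin (the access policy here is an
    assumption; the field allow-list is the part that closes the CVE)."""
    if user_id != requester_id and not requester_is_admin:
        return None  # answer like "not found" so the endpoint does not enumerate ids
    user = USERS.get(user_id)
    return None if user is None else {k: getattr(user, k) for k in PUBLIC_FIELDS}


# --- Fix part 2: never hold the plaintext at all ----------------------------
def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = 600_000) -> str:
    """Salted PBKDF2-HMAC-SHA256 from the standard library, stored as
    'pbkdf2$<iterations>$<salt hex>$<digest hex>'."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Constant-time comparison against the stored record; the plaintext is never kept."""
    scheme, iterations, salt_hex, digest_hex = stored.split("$")
    if scheme != "pbkdf2":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), digest_hex)


# --- Regression check a reviewer can point at any user endpoint -------------
def response_leaks_secret(response: Optional[dict], secrets: Tuple[str, ...]) -> bool:
    """True if a password-named key, or any known plaintext password, appears in the response."""
    if response is None:
        return False
    if any("password" in key.lower() for key in response):
        return True
    values = " ".join(str(v) for v in response.values())
    return any(secret in values for secret in secrets)


if __name__ == "__main__":
    known = tuple(u.password for u in USERS.values())
    print("vulnerable endpoint leaks:", response_leaks_secret(get_user_vulnerable(2), known))
    print("fixed endpoint leaks:",
          response_leaks_secret(get_user_fixed(2, requester_id=1, requester_is_admin=True), known))
    record = hash_password("hunter2")
    print("stored record contains plaintext:", "hunter2" in record,
          "| verify ok:", verify_password("hunter2", record))
```

The check in `response_leaks_secret` is deliberately crude: it catches both the key name and the literal value, which is the pair of tests a reviewer would add to the endpoint's test suite so a future schema change cannot quietly reintroduce the field.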
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The API endpoint hands out plaintext user passwords, so a request to it is the credential-access exploit itself (Exploitation for Credential Access, T1212); the passwords it returns are unsecured credentials (T1552); and once obtained they let the attacker log in as the victim (Valid Accounts, T1078), which is the account-takeover outcome.
Affected Assets
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Protection of passwords and credentials at rest: store passwords only as salted, slow hashes (for example bcrypt, scrypt or Argon2) rather than in plaintext or under reversible encryption, and keep the password column out of every API response model so that it can never be serialized to a client even if an endpoint's authorization is wrong.