{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T17:50:54.785","vulnerabilities":[{"cve":{"id":"CVE-2024-8537","sourceIdentifier":"security@huntr.dev","published":"2025-03-20T10:15:42.970","lastModified":"2025-08-01T01:50:54.053","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A path traversal vulnerability exists in the modelscope/agentscope application, affecting all versions. The vulnerability is present in the /delete-workflow endpoint, allowing an attacker to delete arbitrary files from the filesystem. This issue arises due to improper input validation, enabling the attacker to manipulate file paths and delete sensitive files outside of the intended directory."},{"lang":"es","value":"Existe una vulnerabilidad de path traversal en la aplicación modelscope/agentscope, que afecta a todas las versiones. La vulnerabilidad está presente en el endpoint /delete-workflow, lo que permite a un atacante eliminar archivos arbitrarios del sistema de archivos. Este problema surge debido a una validación de entrada incorrecta, lo que permite al atacante manipular las rutas de los archivos y eliminar archivos confidenciales fuera del directorio previsto."}],"metrics":{"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-29"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:modelscope:agentscope:*:*:*:*:*:*:*:*","matchCriteriaId":"E14447D8-02C4-46FE-B344-800659DB7E4C"}]}]}],"references":[{"url":"https://huntr.com/bounties/eeb8aa4b-e6e5-465c-b0dd-aa97e3b7dc09","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]}]}}]}