CVE-2024-6091
CVSS 9.8 · CRITICAL
Summary
A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific commands, such as 'whoami' and '/bin/whoami'. An attacker can circumvent this restriction by executing commands with a modified path, such as '/bin/./whoami', which is not recognized by the denylist.
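The bypass described above works because the denylist compares the requested command string literally, so any spelling of the same path that differs from the listed entry passes. The following is an added example, not AutoGPT's own code and not the fix in the linked commit: it shows that weak literal check beside a hardened variant that normalizes both the denylist entries and the requested executable before comparing. The denylist contents and command lines are constructed from the summary; the function names are the example's own.

```python
import os
import shlex

# Constructed denylist mirroring the two entries named in the summary.
# Assumption: the real AutoGPT configuration format is not shown on this page.
DENYLIST = {"whoami", "/bin/whoami"}


def naive_is_denied(command_line: str, denylist=DENYLIST) -> bool:
    """Literal comparison of the first token: the weak pattern this CVE describes.
    '/bin/./whoami' is a different string from '/bin/whoami', so it is not matched."""
    argv = shlex.split(command_line)
    return bool(argv) and argv[0] in denylist


def canonical_names(executable: str) -> set:
    """Names a denylist entry should be compared against: the lexically
    normalized path (dot segments and duplicate separators removed) and its
    basename, so the same program is recognized regardless of how its path
    is written."""
    normalized = os.path.normpath(executable)  # '/bin/./whoami' -> '/bin/whoami'
    return {normalized, os.path.basename(normalized)}


def hardened_is_denied(command_line: str, denylist=DENYLIST) -> bool:
    """Normalize both sides before comparing, so path spelling no longer matters."""
    argv = shlex.split(command_line)
    if not argv:
        return False
    denied = set()
    for entry in denylist:
        denied |= canonical_names(entry)
    return bool(canonical_names(argv[0]) & denied)


def compare_checks(command_lines):
    """Return {command_line: (naive_result, hardened_result)} for a list of inputs."""
    return {cmd: (naive_is_denied(cmd), hardened_is_denied(cmd)) for cmd in command_lines}


if __name__ == "__main__":
    # Constructed sample inputs: the two listed spellings, the bypass from the
    # summary, and a harmless command that must stay allowed.
    for cmd, (naive, hardened) in compare_checks(
        ["whoami", "/bin/whoami", "/bin/./whoami", "ls -la"]
    ).items():
        print(f"{cmd!r:20} naive_denied={naive!s:5} hardened_denied={hardened}")
```

Normalizing on both sides closes the specific gap in the summary, but matching the first token of a command line can only ever deny the program named there; a denylist stays a weaker control than an allowlist of permitted executables, which is the design a sandboxed agent should prefer.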
CVSS 3.1 breakdown
| Metric | Value |
| --- | --- |
| Base score | 9.8 (CRITICAL) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Agpt autogpt classic
References
- https://github.com/significant-gravitas/autogpt/commit/ef691359b774a1f9f80cf4f5ace9821967b718ed
- https://huntr.com/bounties/8a742c13-bb5e-4bc9-8b86-049d8a386050
Data: NIST NVD. NVD last modified 2025-08-05. Always verify against the vendor advisory before acting.