Description
Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, when the crawler saves a downloaded file, the destination filename was taken from attacker-influenced input and joined to the downloads directory with no confinement. A filename containing an absolute path or traversal escaped the downloads directory, giving an arbitrary file write with attacker-controlled contents; the HTTP crawler path uses the response Content-Disposition filename and the browser crawler path uses the download's suggested filename. Because the written bytes are attacker-controlled, this can escalate to remote code execution. This issue is fixed in version 0.9.0.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Mon, 06 Jul 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Unclecode
Unclecode crawl4ai |
|
| Vendors & Products |
Unclecode
Unclecode crawl4ai |
Mon, 06 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, when the crawler saves a downloaded file, the destination filename was taken from attacker-influenced input and joined to the downloads directory with no confinement. A filename containing an absolute path or traversal escaped the downloads directory, giving an arbitrary file write with attacker-controlled contents; the HTTP crawler path uses the response Content-Disposition filename and the browser crawler path uses the download's suggested filename. Because the written bytes are attacker-controlled, this can escalate to remote code execution. This issue is fixed in version 0.9.0. | |
| Title | Crawl4AI arbitrary file write via download filename path traversal | |
| Weaknesses | CWE-22 CWE-59 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-06T20:09:52.251Z
Reserved: 2026-06-24T18:49:56.207Z
Link: CVE-2026-57571
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-06T23:30:12Z