Exposing Microsoft's flawed code that lets attackers access files on your server
9 months ago
- #AI
- #vulnerability
- #security
- Microsoft introduced NLWeb (Natural Language Web) at Build 2025 to enable AI agents to interact with websites.
- A security vulnerability was found in NLWeb's open-source framework by researchers Aonan Guan and Lei Wang.
- The vulnerability involved a path traversal issue in the `webserver/static_file_handler.py` file.
- The flaw allowed attackers to access sensitive files like `/etc/passwd` and `.env` by exploiting directory traversal sequences (`../`).
- Microsoft fixed the issue by validating file paths and restricting allowed file extensions.
- The incident highlights the security risks of the 'agentic web' and the need for careful handling of natural language inputs.
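
The fix pattern summarized above (validate the resolved path, then restrict extensions), sketched next to the unchecked join it replaces. This is an added example, not NLWeb's code or Microsoft's patch; `resolve_naive`, `resolve_safe`, the `ALLOWED_EXTENSIONS` set and the temporary directory layout are assumptions made for illustration.

```python
import os
import tempfile
from pathlib import Path
from typing import Optional
from urllib.parse import unquote

# Assumed allow-list; the page only says that extensions were restricted.
ALLOWED_EXTENSIONS = {".html", ".css", ".js", ".png", ".svg", ".ico"}


def resolve_naive(static_root: Path, url_path: str) -> Path:
    """'Before' pattern: joins the request path onto the root unchecked."""
    return Path(os.path.normpath(static_root / unquote(url_path).lstrip("/")))


def resolve_safe(static_root: Path, url_path: str) -> Optional[Path]:
    """Return a servable file under static_root, or None to reject."""
    root = static_root.resolve()
    decoded = unquote(url_path)  # decode first so %2e%2e is seen as ..
    if "\x00" in decoded:
        return None
    # resolve() collapses ../ and follows symlinks before the containment check
    candidate = (root / decoded.lstrip("/")).resolve()
    if not candidate.is_relative_to(root):
        return None
    if candidate.suffix.lower() not in ALLOWED_EXTENSIONS:
        return None
    return candidate if candidate.is_file() else None


def demo() -> dict:
    """Run constructed sample requests against a constructed directory tree."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp).resolve()
        static = base / "static"
        static.mkdir()
        (static / "index.html").write_text("<h1>ok</h1>")
        (base / ".env").write_text("SECRET=constructed")  # sits outside static/
        requests = ["/index.html", "/../.env", "/%2e%2e/.env", "/../../../../etc/passwd"]
        return {r: {"naive_escapes": not resolve_naive(static, r).is_relative_to(static),
                    "safe_serves": resolve_safe(static, r) is not None}
                for r in requests}


if __name__ == "__main__":
    for request, result in demo().items():
        print(request, result)
```

The containment check runs on the fully resolved path, so encoded dots and symlinks are judged by where they actually land; the extension allow-list then blocks files such as `.env` even when they live inside the static root.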