{
  "entrypoint_kind": "api_remote",
  "entrypoint_detail": "/save-document endpoint unauthenticated POST writes a JSON config consumed by Feast feature_server.py load_static_artifacts() on product startup",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "feast-feature-server",
    "fastapi",
    "uvicorn",
    "FeatureStore",
    "static_artifacts.py deployment hook"
  ],
  "proof_artifacts": [
    "logs/reproduction_steps.log",
    "logs/vuln_attempt1_writer.log",
    "logs/vuln_attempt1_consumer.log",
    "logs/vuln_attempt2_writer.log",
    "logs/vuln_attempt2_consumer.log",
    "logs/fixed_attempt1_writer.log",
    "logs/fixed_attempt1_consumer.log",
    "logs/fixed_attempt2_writer.log",
    "logs/fixed_attempt2_consumer.log",
    "logs/vuln_dotdot_writer.log",
    "artifacts/http/vuln_attempt1_save_request.json",
    "artifacts/http/vuln_attempt1_save_response.json",
    "artifacts/http/vuln_attempt2_save_request.json",
    "artifacts/http/vuln_attempt2_save_response.json",
    "artifacts/http/fixed_attempt1_save_status.txt",
    "artifacts/http/fixed_attempt1_save_response.txt",
    "artifacts/http/fixed_attempt2_save_status.txt",
    "artifacts/http/fixed_attempt2_save_response.txt",
    "artifacts/http/request_dotdot.json",
    "artifacts/http/response_dotdot.json",
    "artifacts/feature_repo/static_artifacts.py",
    "artifacts/feature_repo/static_artifacts-labels.json.attempt1",
    "artifacts/feature_repo/static_artifacts-labels.json.attempt2",
    "artifacts/rce_proof_vuln_attempt1.txt",
    "artifacts/rce_proof_vuln_attempt2.txt",
    "artifacts/written_file_dotdot.json"
  ],
  "notes": "Confirmed: real Feast Feature Server at vulnerable commit be1b52227e1ade9a3be9836391ade45eb1a26909 accepts unauthenticated /save-document writes of static_artifacts-labels.json; on product restart, Feast's built-in load_static_artifacts() imports the deployment static_artifacts.py component, consumes the written JSON, and executes the attacker-controlled startup hook in two clean attempts. Fixed commit 4018e7b0c39825a5647fb17fc5607d72fb4bc0ce removes /save-document and returns 404 in two clean attempts, so the JSON is not written and no hook executes. Additional ../ string-prefix traversal write is also proven."
}