Command injection in paddlepaddle/paddle


Reported on

Oct 3rd 2023

Security Report: Command Injection Vulnerability


The code in question is susceptible to a command injection vulnerability, which could potentially allow an attacker to execute arbitrary commands on the host system.

Vulnerability Details

Affected Code

import subprocess

DOWNLOAD_RETRY_LIMIT = 3  # module-level retry count; the report shows it expanding to "-t 3"

def _wget_download(url, fullname):
    # using wget to download url
    tmp_fullname = fullname + "_tmp"
    # –user-agent
    # url is interpolated verbatim into one command string that a shell then parses
    command = f'wget -O {tmp_fullname} -t {DOWNLOAD_RETRY_LIMIT} {url}'
    subprc = subprocess.Popen(
        command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
    )
    # the remainder of the function is not shown in the report

Vulnerability Description

The vulnerability arises from the way the url parameter is incorporated into the command string without validation or sanitization. Because the command is run with shell=True, the shell parses the whole string, so any shell metacharacters in url (for example ; or $(...)) are interpreted rather than treated as part of the URL. If the url is constructed from untrusted sources, an attacker can inject additional commands.


from paddle import utils
utils.download._wget_download("aa; touch codexecution", "bb")

The shell then executes wget -O bb_tmp -t 3 aa; touch codexecution, and a file named codexecution is created.


To address this vulnerability, the following steps should be taken:

Sanitize Input: Validate and sanitize the url parameter before using it in the shell command. Ensure it conforms to the expected format and does not contain any potentially malicious characters or sequences.

Avoid Running as Root: If this code is executed with elevated privileges (e.g., as the root user), be especially cautious about user-provided input.

Limit Permissions: Ensure that the process running this code has the minimum necessary permissions, and avoid running it with excessive privileges.

Consider Alternative Methods: Depending on your use case, consider using Python libraries like urllib or requests for downloading files, as they can be more secure and easier to control.
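The following is an added example of a hardened replacement for the affected function; it is not code from the report or from the PaddlePaddle project. It applies the first and fourth recommendations above: the URL is validated (http/https scheme, hostname restricted to RFC 1123 characters), and wget is invoked with an argument list and shell=False, so no shell ever parses the URL. The names validate_url, build_wget_argv and wget_download, and the constant DOWNLOAD_RETRY_LIMIT = 3 (taken from the "-t 3" seen in the report), are assumptions of this example.

```python
import re
import shlex
import shutil
import subprocess
from urllib.parse import urlsplit

DOWNLOAD_RETRY_LIMIT = 3  # assumed value, matching the "-t 3" shown in the report

# RFC 1123 hostname characters only: letters, digits, hyphen and dot.
# Whitespace and shell metacharacters such as ; $ ( ) ` | & never match.
_HOST_RE = re.compile(r"^[A-Za-z0-9.-]+$")


def validate_url(url):
    """Return url unchanged if it is a plain http(s) URL with a sane hostname,
    otherwise raise ValueError.

    This is defence in depth: the primary fix is below, where the URL is
    passed as a single argv element so the shell is never involved.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"unsupported scheme: {parts.scheme!r}")
    host = parts.hostname
    if not host or not _HOST_RE.match(host):
        raise ValueError(f"invalid host: {parts.netloc!r}")
    return url


def build_wget_argv(url, fullname, retries=DOWNLOAD_RETRY_LIMIT):
    """Build the wget argument list.

    Each list element becomes exactly one argument to execve(2). Characters
    like ';' or '$(...)' inside url remain literal bytes of that argument
    instead of being interpreted by /bin/sh.
    """
    return ["wget", "-O", f"{fullname}_tmp", "-t", str(retries), validate_url(url)]


def wget_download(url, fullname):
    """Hardened counterpart of _wget_download: no shell, validated URL."""
    argv = build_wget_argv(url, fullname)
    proc = subprocess.run(argv, shell=False, capture_output=True)
    if proc.returncode != 0:
        # shlex.join is only used to render argv for the error message;
        # it is never fed back into a shell.
        raise RuntimeError(
            f"{shlex.join(argv)} failed: {proc.stderr.decode(errors='replace')}"
        )
    shutil.move(f"{fullname}_tmp", fullname)
    return fullname


if __name__ == "__main__":
    # Constructed inputs: a benign URL and the two payload shapes from the report.
    print(build_wget_argv("https://example.com/model.tgz", "bb"))
    for bad in ("aa; touch codexecution", "http://$(touch q).com"):
        try:
            validate_url(bad)
        except ValueError as exc:
            print(f"rejected {bad!r}: {exc}")
```

Both payload shapes from the report are rejected before wget is even spawned: the first has no URL scheme, and the second has a hostname containing "$", "(" and a space. Even if validation were skipped, the argv form would hand wget the literal string as its URL argument, and wget would simply fail to resolve it. If shell=True must be kept for some reason, wrapping the interpolated value with shlex.quote() is the minimum fix, but the list form is simpler to get right.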


It is crucial to address this command injection vulnerability promptly to prevent potential exploitation by malicious actors. By implementing the recommended mitigations and conducting a thorough security review, you can significantly enhance the security of the codebase.


An attacker exploiting this vulnerability could execute arbitrary commands on the host system with the privileges of the process running the code. Depending on the context in which this code is used, this could lead to unauthorized access, data loss, or other potentially harmful consequences.

We are processing your report and will contact the paddlepaddle/paddle team within 24 hours. 5 months ago
We have contacted a member of the paddlepaddle/paddle team and are waiting to hear back 5 months ago
We have sent a follow up to the paddlepaddle/paddle team. We will try again in 4 days. 4 months ago
paddlepaddle/paddle maintainer validated this vulnerability 4 months ago

Hi, this is paddle-security team. Please notice your email cannot be found. You may not receive our reply emails. You can contact us by using another email address and make sure not to block

zer0h-bb has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
3 months ago


Hey Paddle security team, has this issue been fixed in the Paddle codebase?


Adam Nygate
2 months ago


The Paddle security team have confirmed that the security fix is planned for the 2.6.0 version with an estimated release date of December 28th.

CVE-2024-0521 assigned to this report. a month ago
This vulnerability has now been published a month ago
CVE-2024-0521 has now been published. a month ago
a month ago

Hi, I have sent in a pull request to fix this issue:

This helps in cases that still occur such as _wget_download('http://$(touch q).com','save.txt'), which use the shell without breaking url syntax.

a month ago

Thanks for merging in the fix so quickly! Could you submit the fix bounty please?
