Command injection in paddle.utils.download._wget_download in paddlepaddle/paddle

Valid

Reported on

Oct 3rd 2023


Security Report: Command Injection Vulnerability

Summary

paddle.utils.download._wget_download builds a wget command line with Python string formatting and runs it through subprocess.Popen with shell=True. Because the url argument is interpolated into that string unquoted, shell metacharacters in it are executed as commands, which allows an attacker who controls url to execute arbitrary commands on the host system with the privileges of the Python process.

Vulnerability Details

Affected Code


import subprocess

DOWNLOAD_RETRY_LIMIT = 3  # module-level constant; the expanded PoC command below shows it as "-t 3"

def _wget_download(url, fullname):
    # using wget to download url
    tmp_fullname = fullname + "_tmp"
    # –user-agent
    # url (and fullname, via tmp_fullname) are interpolated unquoted into one
    # string that the shell parses, so ';', '|', '$(...)' etc. in them are
    # treated as shell syntax, not as part of the URL
    command = f'wget -O {tmp_fullname} -t {DOWNLOAD_RETRY_LIMIT} {url}'
    subprc = subprocess.Popen(
        command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
    )

Vulnerability Description

The url parameter is interpolated unquoted into the command string, and that string is handed to subprocess.Popen with shell=True. The shell parses it before wget ever sees it, so any shell metacharacters in url (such as ;, |, &&, backticks or $(...)) are interpreted as shell syntax; no validation, quoting or escaping is applied anywhere. The same applies to fullname, from which tmp_fullname is built. If url is constructed from untrusted sources, an attacker can therefore run arbitrary commands with the privileges of the process that calls _wget_download.

PoC

from paddle import utils
utils.download._wget_download("aa; touch codexecution", "bb")

The shell then executes: wget -O bb_tmp -t 3 aa; touch codexecution. The wget invocation fails (there is no host "aa"), but because ; is a command separator the second command runs regardless, and a file named codexecution is created in the current working directory.

Mitigation

To address this vulnerability, the following steps should be taken:

Do Not Use a Shell: Pass wget and its arguments to subprocess as an argument list with shell=False, so that url and tmp_fullname each become exactly one argv element and metacharacters in them are never interpreted. Validating that url has an expected scheme and host is worthwhile as defense in depth, but it is not a fix on its own: a value such as http://$(touch q).com looks like a well-formed URL and still runs the embedded command when the string is parsed by a shell.

Avoid Running as Root: If this code is executed with elevated privileges (e.g., as the root user), be especially cautious about user-provided input, since an injected command inherits those privileges.

Limit Permissions: Ensure that the process running this code has the minimum necessary permissions, and avoid running it with excessive privileges.

Consider Alternative Methods: Depending on your use case, download with Python's own HTTP client (urllib or requests) instead of shelling out to wget. That removes both the subprocess and the shell, and makes timeouts, size limits and TLS verification easier to control.
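As an added illustration of the vulnerability description and of the first mitigation item (example code written for this page, not Paddle's own; the DOWNLOAD_RETRY_LIMIT value of 3, the validate_url helper and the stub wget script are assumptions), the following Python runs the report's string-building form and an argument-list form side by side. It runs offline: a constructed stand-in for wget is placed first on PATH and only records the argv it receives, so the only observable side effect is whatever an injected command creates.

```python
import os
import subprocess
import tempfile
from urllib.parse import urlsplit

DOWNLOAD_RETRY_LIMIT = 3  # assumed value; the report's expanded command shows "-t 3"

# Constructed stand-in for wget so the demo never touches the network: it writes
# the argv it received, one element per line, to wget_args.txt and exits 0.
STUB_WGET = """#!/bin/sh
printf '%s\\n' "$@" > wget_args.txt
"""


def vulnerable_command(url, fullname):
    """The string form from the report: url lands unquoted in a shell command line."""
    tmp_fullname = fullname + "_tmp"
    return f'wget -O {tmp_fullname} -t {DOWNLOAD_RETRY_LIMIT} {url}'


def validate_url(url):
    """Allow only http(s)/ftp URLs that name a host. Defense in depth only:
    'http://$(touch q).com' passes this check, so it must be paired with the
    argument-list form below rather than used instead of it."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https", "ftp") or not parts.netloc:
        raise ValueError(f"refusing to download from {url!r}")
    return url


def hardened_argv(url, fullname):
    """Argument-list form: each value is exactly one argv element and no shell is
    involved, so ';', '$(...)', '|' and friends reach wget as literal text.
    '--' ends option parsing so a url beginning with '-' cannot become a wget flag."""
    tmp_fullname = fullname + "_tmp"
    return ["wget", "-O", tmp_fullname, "-t", str(DOWNLOAD_RETRY_LIMIT), "--", validate_url(url)]


def _run(cmd, workdir, shell):
    # workdir goes first on PATH so 'wget' resolves to the stub in both forms.
    env = dict(os.environ, PATH=workdir + os.pathsep + os.environ.get("PATH", "/usr/bin:/bin"))
    subprocess.run(cmd, shell=shell, cwd=workdir, env=env, check=False,
                   stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=30)


def run_vulnerable(url, fullname, workdir):
    _run(vulnerable_command(url, fullname), workdir, shell=True)


def run_hardened(url, fullname, workdir):
    _run(hardened_argv(url, fullname), workdir, shell=False)


def compare(url, fullname="bb"):
    """Run both forms on the same url, each in its own scratch directory.
    For each form, report the unexpected files that appeared (evidence that an
    injected command ran) and the argv the stub wget received, or the reason the
    hardened form refused the url before running anything."""
    results = {}
    for name, runner in (("shell", run_vulnerable), ("argv", run_hardened)):
        with tempfile.TemporaryDirectory() as workdir:
            stub = os.path.join(workdir, "wget")
            with open(stub, "w") as fh:
                fh.write(STUB_WGET)
            os.chmod(stub, 0o755)
            try:
                runner(url, fullname, workdir)
            except ValueError as exc:
                results[name] = {"rejected": str(exc)}
                continue
            leftovers = sorted(set(os.listdir(workdir)) - {"wget", "wget_args.txt"})
            argv = None
            args_file = os.path.join(workdir, "wget_args.txt")
            if os.path.exists(args_file):
                with open(args_file) as fh:
                    argv = fh.read().splitlines()
            results[name] = {"leftovers": leftovers, "argv": argv}
    return results


if __name__ == "__main__":
    for poc in ("aa; touch codexecution", "http://$(touch q).com"):
        print(poc, "->", compare(poc))
```

With the report's PoC value the shell form leaves a codexecution file behind and the stub sees only "aa" as the URL, while the hardened form rejects the value outright. The second input is the more instructive one: it passes URL validation, still creates the file q under the shell form, and under the argument-list form reaches the stub as the single literal argument http://$(touch q).com with nothing executed.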

Conclusion

It is crucial to address this command injection vulnerability promptly to prevent potential exploitation by malicious actors. By implementing the recommended mitigations and conducting a thorough security review, you can significantly enhance the security of the codebase.

Impact

An attacker exploiting this vulnerability could execute arbitrary commands on the host system with the privileges of the process running the code. Depending on the context in which this code is used, this could lead to unauthorized access, data loss, or other potentially harmful consequences.

We are processing your report and will contact the paddlepaddle/paddle team within 24 hours. 5 months ago
We have contacted a member of the paddlepaddle/paddle team and are waiting to hear back 5 months ago
We have sent a follow up to the paddlepaddle/paddle team. We will try again in 4 days. 4 months ago
paddlepaddle/paddle maintainer validated this vulnerability 4 months ago

Hi, this is the paddle-security team. Please notice that your email huntr@mlsecops.com cannot be found. You may not receive our reply emails. You can contact us by using another email address and make sure not to block paddle-security-op@baidu.com.

zer0h-bb has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Marcello
3 months ago

Admin


Hey Paddle security team, has this issue been fixed in the Paddle codebase?

Thanks

Adam Nygate
2 months ago

Admin


The Paddle security team have confirmed that the security fix is planned for the 2.6.0 version with an estimated release date of December 28th.

CVE-2024-0521 assigned to this report. a month ago
This vulnerability has now been published a month ago
CVE-2024-0521 has now been published. a month ago
ndren
a month ago

Hi, I have sent in a pull request to fix this issue: https://github.com/PaddlePaddle/Paddle/pull/61032

This helps in cases that still occur such as _wget_download('http://$(touch q).com','save.txt'), which use the shell without breaking url syntax.

ndren
a month ago

Thanks for merging in the fix so quickly! Could you submit the fix bounty please? https://github.com/PaddlePaddle/Paddle/commit/b8f9a0ad4b6f0c0ac19dbe13c904ce2d1a1acff7
