Submission #542527: InternLM lmdeploy <=0.7.1 Code Injection

Information

Title: InternLM lmdeploy <=0.7.1 Code Injection
Description: lmdeploy is an LLM deployment tool that is vulnerable to code injection due to unsafe use of the exec and compile functions. In the code, it reads the contents of the version.py file located at ../../lmdeploy/version.py using a relative path and then executes the read code without proper validation. Attackers can exploit this vulnerability through multiple vectors. One method is malicious file tampering. If an attacker has access to the relevant directories in the application's file system, they can locate the version.py file and modify it using standard file-editing tools or scripts if they have write permissions. They can then insert malicious code, such as code to delete files or execute unauthorized system commands. This vulnerability can lead to serious consequences, including unauthorized file deletion, execution of malicious system commands, and potential compromise of sensitive information, affecting the security and integrity of the application and its associated systems. More details: https://github.com/InternLM/lmdeploy/issues/3254
User: ybdesire (UID 83239)
Submitted: 25/03/2025 10:43 AM (1 year ago)
Moderation: 03/04/2025 09:06 AM (9 days later)
Status: Approved
VulDB Entry: 303109 [InternLM LMDeploy up to 0.7.1 lmdeploy/docs/en/conf.py open privilege escalation]
Points: 17
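The submission above describes the sink (compile and exec over a version.py read from a relative path) but not what a fix looks like. The following is an added illustration written for this page, not code from lmdeploy or from the submitter: it places the exec-style reader beside a parse-only reader that extracts `__version__` from the file's AST without running it, then runs both against a constructed, tampered version.py. The file layout (`__version__ = '...'` as a plain string literal) and the temporary-directory paths are assumptions; the "payload" only sets an environment variable so the effect is observable.

```python
"""Added example (not lmdeploy's own code): exec-based version reading vs. a
parse-only reader. Assumes the version file assigns a string literal to
__version__, as is common for Python projects."""
import ast
import os
import tempfile


def read_version_unsafe(version_file: str) -> str:
    """The vulnerable pattern from the submission: the whole file is compiled
    and executed, so any statement an attacker wrote into it runs with the
    privileges of the calling process (for a conf.py, the docs build)."""
    ns = {}
    with open(version_file) as f:
        exec(compile(f.read(), version_file, 'exec'), ns)
    return ns['__version__']


def version_from_source(source: str, filename: str = '<version.py>') -> str:
    """Hardened replacement: parse the source into an AST and return the
    string literal assigned to __version__. Nothing is executed; imports,
    calls or attribute assignments in the file are simply never evaluated."""
    tree = ast.parse(source, filename=filename)
    for node in tree.body:
        if not isinstance(node, ast.Assign):
            continue
        for target in node.targets:
            if isinstance(target, ast.Name) and target.id == '__version__':
                value = node.value
                if isinstance(value, ast.Constant) and isinstance(value.value, str):
                    return value.value
                # e.g. __version__ = os.popen('...').read()  -> refuse, do not evaluate
                raise ValueError('__version__ is not a plain string literal')
    raise ValueError('no __version__ assignment found')


def read_version_safe(version_file: str) -> str:
    with open(version_file) as f:
        return version_from_source(f.read(), version_file)


# Constructed sample: what a tampered version.py could look like. The env-var
# write stands in for file deletion or a system command.
TAMPERED_VERSION_PY = '''\
import os
os.environ["LMDEPLOY_DEMO_PAYLOAD_RAN"] = "1"
__version__ = '0.7.1'
'''

_FLAG = 'LMDEPLOY_DEMO_PAYLOAD_RAN'


def demo() -> dict:
    """Write the tampered file to a temp dir (hypothetical path) and run both
    readers; report the version each returned and whether the payload ran."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, 'version.py')
        with open(path, 'w') as f:
            f.write(TAMPERED_VERSION_PY)

        os.environ.pop(_FLAG, None)
        unsafe_version = read_version_unsafe(path)
        unsafe_payload_ran = os.environ.pop(_FLAG, None) == '1'

        safe_version = read_version_safe(path)
        safe_payload_ran = os.environ.pop(_FLAG, None) == '1'

    return {
        'unsafe_version': unsafe_version,
        'unsafe_payload_ran': unsafe_payload_ran,
        'safe_version': safe_version,
        'safe_payload_ran': safe_payload_ran,
    }


if __name__ == '__main__':
    for k, v in demo().items():
        print(f'{k}: {v}')
```

Both readers return the same version string from the tampered file; only the exec-based one also executes the injected statements. Where the package is installed into the environment that builds the docs, `importlib.metadata.version('lmdeploy')` from the standard library avoids touching the source tree at all; the AST reader is the option when the version must be taken from an uninstalled checkout.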
