إرسال #792223: AgentScope <= 1.0.18 Code Injection (CWE-94)المعلومات

عنوان	AgentScope <= 1.0.18 Code Injection (CWE-94)
الوصف	# Technical Details A Code Injection/Remote Code Execution vulnerability exists in the `execute_python_code` and `execute_shell_command` methods in `src/agentscope/tool/_coding/_python.py` and `src/agentscope/tool/_coding/_shell.py` of AgentScope. The application fails to sandbox or isolate the execution environment and directly passes LLM-generated arguments to subprocess execution without inspection or validation. # Vulnerable Code File: src/agentscope/tool/_coding/_python.py and src/agentscope/tool/_coding/_shell.py Method: execute_python_code and execute_shell_command Why: The functions write provided code strings to a temp file and execute them via subprocess (`asyncio.create_subprocess_exec` and `asyncio.create_subprocess_shell`) with full inheritance of the server process environment (`os.environ.copy()`) and zero sandboxing or privilege dropping. # Reproduction 1. Deploy a ReActAgent with code execution tools (`execute_python_code`, `execute_shell_command`) exposed over HTTP, following the official patterns. 2. Send a prompt injection crafted payload via HTTP POST to the agent's chat endpoint instructing it to use `execute_python_code` to evaluate arbitrary Python code (e.g., retrieving system info). 3. The LLM processes the injected prompt and generates a tool call containing the malicious payload, which is directly executed by the server, resulting in RCE and environment variable exfiltration. # Impact - Arbitrary Code Execution - Environment Variable Exfiltration (API keys, database credentials) - Internal network lateral movement - Data destruction or server compromise
المصدر	⚠️ https://gist.github.com/YLChen-007/c084d69aaeda6729f3988603f2b0ce6e
المستخدم	Eric-f (UID 96873)
ارسال	29/03/2026 05:27 AM (24 أيام منذ)
الاعتدال	19/04/2026 04:12 PM (21 days later)
الحالة	تمت الموافقة
إدخال VulDB	358238 [modelscope agentscope حتى 1.0.18 _python.py execute_python_code/execute_shell_command تجاوز الصلاحيات]
النقاط	20

التالي ▸نظرة عامة ◂ السابق

Do you need the next level of professionalism?

Upgrade your account now!