CVE-2024-23633 in label-studioinfo

Summary

by MITRE • 01/24/2024

Label Studio, an open source data labeling tool had a remote import feature allowed users to import data from a remote web source, that was downloaded and could be viewed on the website. Prior to version 1.10.1, this feature could had been abused to download a HTML file that executed malicious JavaScript code in the context of the Label Studio website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.

`data_import/uploader.py` lines 125C5 through 146 showed that if a URL passed the server side request forgery verification checks, the contents of the file would be downloaded using the filename in the URL. The downloaded file path could then be retrieved by sending a request to `/api/projects/{project_id}/file-uploads?ids=[{download_id}]` where `{project_id}` was the ID of the project and `{download_id}` was the ID of the downloaded file. Once the downloaded file path was retrieved by the previous API endpoint, `data_import/api.py`lines 595C1 through 616C62 demonstrated that the `Content-Type` of the response was determined by the file extension, since `mimetypes.guess_type` guesses the `Content-Type` based on the file extension. Since the `Content-Type` was determined by the file extension of the downloaded file, an attacker could import in a `.html` file that would execute JavaScript when visited.

Version 1.10.1 contains a patch for this issue. Other remediation strategies are also available. For all user provided files that are downloaded by Label Studio, set the `Content-Security-Policy: sandbox;` response header when viewed on the site. The `sandbox` directive restricts a page's actions to prevent popups, execution of plugins and scripts and enforces a `same-origin` policy. Alternatively, restrict the allowed file extensions that may be downloaded.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 02/17/2024

The vulnerability identified as CVE-2024-23633 affects Label Studio, an open source data labeling platform that enables users to import data from remote web sources through its remote import feature. This functionality allows users to download files from external URLs and subsequently view them within the Label Studio interface. The security flaw stems from insufficient validation of downloaded file content and improper handling of file extensions, creating a server-side request forgery vulnerability that can be exploited to execute malicious JavaScript code within the context of the Label Studio website. This represents a critical security risk as it enables attackers to perform arbitrary actions on behalf of legitimate users who visit maliciously crafted content.

The technical implementation of this vulnerability resides in the `data_import/uploader.py` module where lines 125 through 146 demonstrate that after passing server-side request forgery verification checks, the system downloads content using the filename from the URL. The downloaded file path becomes accessible through the API endpoint `/api/projects/{project_id}/file-uploads?ids=[{download_id}]` where the system retrieves the file using the download ID associated with the project. The exploitation occurs in `data_import/api.py` lines 595 through 616 where the Content-Type header is determined by `mimetypes.guess_type` function that bases its determination on file extensions rather than actual content analysis. This allows attackers to import HTML files that execute JavaScript when accessed, creating a cross-site scripting vector that can be leveraged for privilege escalation and other malicious activities.

The operational impact of this vulnerability is severe as it enables attackers to execute arbitrary JavaScript code within the context of the Label Studio website, potentially leading to complete compromise of user sessions and administrative privileges. A specific exploitation example demonstrates how an attacker could craft a JavaScript payload to add a new Django Super Administrator user when a Django administrator visits the malicious image, effectively granting persistent administrative access to the system. This vulnerability affects all versions prior to 1.10.1 and represents a significant threat to organizations relying on Label Studio for sensitive data labeling operations, particularly in environments where administrators might inadvertently access malicious content.

The vulnerability aligns with CWE-94, which describes "Improper Control of Generation of Code ('Code Injection')" and relates to ATT&CK technique T1059.007 for "Command and Scripting Interpreter: JavaScript" within the Execution phase. The patch implemented in version 1.10.1 addresses this issue through proper file extension validation and content-type handling. Additional mitigation strategies include implementing the Content-Security-Policy header with sandbox directive when serving user-provided files, which restricts page actions and enforces same-origin policy to prevent script execution and popup creation. Alternative approaches involve restricting allowed file extensions for downloads and implementing proper content validation mechanisms that analyze actual file content rather than relying solely on file extensions for determining security policies, thereby preventing the exploitation of similar vulnerabilities in the future.

Responsible

GitHub, Inc.

Reservation

01/19/2024

Disclosure

01/24/2024

Moderation

accepted

CPE

ready

EPSS

0.00592

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!