जमा करें #791693: FoundationAgents MetaGPT 0.8.1 Code Injection (CWE-94)जानकारी

शीर्षकFoundationAgents MetaGPT 0.8.1 Code Injection (CWE-94)
विवरणA Remote Code Execution (RCE) vulnerability exists in the check_solution() method in metagpt/ext/aflow/benchmark/humaneval.py and metagpt/ext/aflow/benchmark/mbpp.py, and in metagpt/ext/aflow/operator.py of MetaGPT. The application fails to sanitize or sandbox LLM-generated code before executing it via the built-in Python exec() function. Any code returned by the LLM is executed directly on the host system with full OS-level privileges. File: metagpt/ext/aflow/benchmark/humaneval.py, Method: check_solution() - Calls exec() on LLM-generated code without sandboxing. File: metagpt/ext/aflow/benchmark/mbpp.py, Method: check_solution() - Same exec() pattern, no isolation layer. File: metagpt/ext/aflow/operator.py - Also invokes exec() on untrusted LLM output. Reproduction: 1. Install MetaGPT (pip install metagpt). 2. Prepare malicious payload: import os; def solve(x): os.system('touch /tmp/rce_proof'); return x 3. Trigger HumanEvalBenchmark.check_solution() with the payload. 4. Verify /tmp/rce_proof exists on the host. Impact: Arbitrary OS command execution. Attacker who can influence LLM outputs via prompt injection can achieve full environment compromise.
स्रोत⚠️ https://github.com/FoundationAgents/MetaGPT/issues/1942
उपयोगकर्ता
 Eric-y (UID 95889)
सबमिशन28/03/2026 03:13 AM (4 महीनों पहले)
संयम09/04/2026 02:04 PM (12 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि356524 [FoundationAgents MetaGPT तक 0.8.1 HumanEvalBenchmark/MBPPBenchmark check_solution अधिकार वृद्धि]
अंक20

Do you need the next level of professionalism?

Upgrade your account now!