| Title | InternLM lmdeploy <=0.7.1 Code Injection |
|---|---|
| Description | lmdeploy is an LLM deployment tool, which is vulnerable to code injection attacks due to the use of the exec and compile functions in an unsafe manner. In the code, it reads the contents of the version.py file located at ../../lmdeploy/version.py using relative paths and then executes the read code without proper validation.<br><br>Attackers can exploit this vulnerability through multiple vectors. One method is malicious file tampering. If an attacker has access to the relevant directories in the application's file system, they can locate the version.py file and modify it using standard file-editing tools or scripts if they have write permissions. They can then insert malicious code, such as code to delete files or execute unauthorized system commands.<br><br>This vulnerability can lead to serious consequences, including unauthorized file deletion, execution of malicious system commands, and potential compromise of sensitive information, affecting the security and integrity of the application and its associated systems.<br><br>More details: https://github.com/InternLM/lmdeploy/issues/3254 |
| User | ybdesire (UID 83239) |
| Submitted | 2025-03-25 10:43 AM (1 year ago) |
| Moderation | 2025-04-03 09:06 AM (9 days later) |
| Status | Accepted |
| VulDB Entry | 303109 [InternLM LMDeploy up to 0.7.1 lmdeploy/docs/en/conf.py open privilege escalation] |
| Points | 17 |
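The description above turns on one pattern: a build or docs script reads `version.py` from a relative path and runs it through `exec(compile(...))`, so whatever is in that file runs with the script's privileges. The example below is added here and is not lmdeploy's own code; it assumes a `version.py` that consists only of simple `name = <literal>` assignments (the file layout, contents and temporary paths are constructed for the demo). It shows the unsafe pattern beside a hardened reader that parses the file into an AST, accepts only literal assignments, and rejects a tampered file instead of executing it.

```python
# Added example (not lmdeploy's code): read __version__ from a version.py file
# without exec()/compile(), so a tampered file is rejected rather than executed.
# Sample file contents and paths below are constructed for this demo.
import ast
import tempfile
from pathlib import Path


def read_version_unsafe(path: Path) -> str:
    """The pattern the report describes: the whole file is executed, so any
    statement someone with write access appends to it runs as well."""
    namespace: dict = {}
    exec(compile(path.read_text(encoding="utf-8"), str(path), "exec"), namespace)
    return namespace["__version__"]


def extract_version(source: str, name: str = "__version__") -> str:
    """Parse `source` into an AST (nothing is executed) and accept it only if
    every top-level statement is `identifier = <literal>`. Imports, calls,
    function definitions or non-literal values raise ValueError."""
    tree = ast.parse(source)
    found = None
    for node in tree.body:
        if (not isinstance(node, ast.Assign)
                or len(node.targets) != 1
                or not isinstance(node.targets[0], ast.Name)):
            raise ValueError(
                f"line {node.lineno}: unexpected {type(node).__name__}; "
                "only simple assignments are allowed in version.py")
        try:
            # literal_eval only accepts strings, numbers, tuples, lists, dicts,
            # sets, booleans and None; it never evaluates names or calls.
            value = ast.literal_eval(node.value)
        except ValueError as exc:
            raise ValueError(f"line {node.lineno}: non-literal value") from exc
        if node.targets[0].id == name:
            found = value
    if not isinstance(found, str):
        raise ValueError(f"{name} is missing or not a string")
    return found


def read_version_safe(path: Path) -> str:
    """Hardened replacement for read_version_unsafe()."""
    return extract_version(path.read_text(encoding="utf-8"))


# Constructed samples: a clean version.py and one with an extra statement
# standing in for injected code (a harmless print is used here).
CLEAN = "__version__ = '0.7.1'\nshort_version = '0.7'\n"
TAMPERED = "__version__ = '0.7.1'\nprint('this line should never run')\n"


def demo() -> dict:
    """Write both samples to a temporary directory, read them with the safe
    reader and report the outcome per sample."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for label, text in (("clean", CLEAN), ("tampered", TAMPERED)):
            path = Path(tmp) / label / "version.py"
            path.parent.mkdir()
            path.write_text(text, encoding="utf-8")
            try:
                results[label] = read_version_safe(path)
            except ValueError as exc:
                results[label] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

For an installed package the simplest fix is to drop file parsing altogether and call `importlib.metadata.version("lmdeploy")`; the AST reader above is for the case where the version must be read from a source checkout before the package is installed. Either way, a tampered `version.py` can no longer run code in the context of the script that reads it, which is the outcome the report's attack vector relies on.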