| 제목 | FoundationAgents MetaGPT 0.8.2 Command Injection |
|---|
| 설명 | MetaGPT (GitHub project: https://github.com/FoundationAgents/MetaGPT) contains a command injection vulnerability in its Mermaid diagram rendering functionality. The issue stems from unsafe handling of the `mermaid.path` configuration value, which is used to specify the path to the Mermaid CLI executable.
An attacker who can control the `mermaid.path` setting in `config.yaml` can inject arbitrary shell metacharacters. Two code locations are vulnerable:
1. `metagpt/utils/common.py` - `check_cmd_exists()` passes the path directly to `os.system()`.
2. `metagpt/utils/mermaid.py` - `mermaid_to_file()` builds a shell command using `asyncio.create_subprocess_shell()` and concatenates the path into the command string.
Because the path is not sanitized or treated as an argument list, shell syntax such as `;`, `|`, or `$()` is interpreted by the underlying shell. This allows arbitrary command execution in the security context of the MetaGPT process.
No special Mermaid input is required; the vulnerability is triggered whenever the `nodejs` Mermaid engine is active and a diagram is rendered. The issue is not in Mermaid CLI itself but in how MetaGPT constructs the execution command.
Impact: Remote code execution if an attacker can modify the configuration file or supply a crafted configuration through other means (e.g., via a compromised workspace or supply chain attack).
Affected versions: All versions up to the latest release (0.8.2) at the time of discovery (no fix has been released). The vulnerability is present wherever `mermaid.engine = "nodejs"` is used and `mermaid.path` is configurable. |
|---|
| 원천 | ⚠️ https://www.notion.so/asuka39/MetaGPT-Command-Injection-via-Mermaid-path-Configuration-35fe35b8556880b29113c8c1b414a8b2?source=copy_link |
|---|
| 사용자 | ASUKA39 (UID 70397) |
|---|
| 제출 | 2026. 05. 13. AM 08:28 (28 날 ago) |
|---|
| 모더레이션 | 2026. 06. 06. PM 05:55 (24 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 369074 [FoundationAgents MetaGPT 까지 0.8.2 metagpt/utils/common.py check_cmd_exists mermaid.path 권한 상승] |
|---|
| 포인트들 | 20 |
|---|