| 标题 | Kilo-Org kilocode 7.0.47 Arbitrary File Read (CWE-200) |
|---|
| 描述 | # Technical Details
An Arbitrary File Read vulnerability exists in the `load` method in `packages/opencode/src/config/config.ts` of kilocode.
The application fails to disable token substitution when parsing the `KILO_CONFIG_CONTENT` environment variable. An attacker can inject a payload using the `{file:/path}` template that forces the CLI to parse and read local files during configuration loading, which are then leaked via Zod Schema Validation errors.
# Vulnerable Code
File: packages/opencode/src/config/config.ts
Method: load
Why: The function evaluates inline `{file:path}` templates and substitutes file contents inside key definitions before strict schema validation (Zod) occurs, dumping the extracted file payload in the crash traceback logic.
# Reproduction
1. Configure the `KILO_CONFIG_CONTENT` environment variable introducing an invalid key name encapsulating a file directive: `export KILO_CONFIG_CONTENT='{"invalid_key_{file:/etc/passwd}":"value"}'`
2. Call the CLI targeting a simple sub-command to trigger configuration initialization: `bun run src/index.ts auth ls --print-logs`.
3. The content of `/etc/passwd` will be actively printed in the resulting crash standard error traceback.
# Impact
- Exposure of Highly Sensitive Information: Attackers with local or environment control can read system files, `.env` file API keys, SSH private keys, and cloud configurations.
- Access Escalation within CI/CD pipelines or serverless deployments. |
|---|
| 来源 | ⚠️ https://gist.github.com/YLChen-007/32b444e49ced1a46bde5a68933ccd09f |
|---|
| 用户 | Eric-d (UID 96861) |
|---|
| 提交 | 2026-04-23 14時40分 (1 月前) |
|---|
| 管理 | 2026-05-17 10時55分 (24 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 364391 [Kilo-Org kilocode 直到 7.0.47 Environment Variable config.ts load KILO_CONFIG_CONTENT 信息公开] |
|---|
| 积分 | 20 |
|---|