Sentry Remote Code Execution Vulnerability via Pickle Deserialization

Vulnerability

A remote code execution vulnerability exists in Sentry version 8.2.0, allowing authenticated superusers to execute arbitrary commands. This is achieved by injecting malicious pickle-serialized objects into the audit log entry data parameter. Exploitation involves sending crafted POST requests to the admin audit log endpoint, with base64-encoded compressed pickle payloads in the data field. The injected payload is executed with application privileges.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where Sentry is running.

Reproduction

To reproduce this vulnerability, log into the Sentry application as a superuser. Navigate to the admin audit log entry creation page. Once there, inject a base64-encoded, compressed pickle payload into the data field. This payload should be crafted to execute a command of choice, such as opening a reverse shell. After submitting the form, the command will be executed on the server, with the results sent back to the attacker's listener.

Remediation

Users can upgrade to Sentry versions 8.1.4 or 8.2.2, both of which address this vulnerability.
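The check a defender would put in front of a field like this, as an added example that is not from the advisory or from Sentry's own code: it decodes the base64 value (zlib is assumed for the compression, which the advisory does not name), walks the pickle opcodes with `pickletools` without executing them, and only then unpickles with every global lookup refused. The field names and sample values are constructed.

```python
import base64
import io
import pickle
import pickletools
import zlib
from collections import OrderedDict

# Opcodes through which a pickle names importable objects or invokes callables.
# Plain data (dicts, lists, strings, numbers) never needs any of them.
UNSAFE_OPCODES = {"GLOBAL", "STACK_GLOBAL", "INST", "OBJ", "REDUCE", "BUILD",
                  "NEWOBJ", "NEWOBJ_EX"}

def decode_field(value: str) -> bytes:
    """Reverse the encoding the advisory describes (zlib assumed for the compression)."""
    return zlib.decompress(base64.b64decode(value))

def unsafe_opcodes(raw: bytes) -> list:
    """Names of dangerous opcodes in raw, found by walking opcodes, not executing them."""
    return [op.name for op, _arg, _pos in pickletools.genops(raw) if op.name in UNSAFE_OPCODES]

class DataOnlyUnpickler(pickle.Unpickler):
    """Second line of defence: refuse every global lookup at unpickle time."""
    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden in audit-log data")

def load_audit_data(value: str):
    """Decode, scan, then unpickle with globals disabled; raise ValueError on a hit."""
    raw = decode_field(value)
    found = sorted(set(unsafe_opcodes(raw)))
    if found:
        raise ValueError(f"rejected pickle containing {found}")
    return DataOnlyUnpickler(io.BytesIO(raw)).load()

def encode_field(obj) -> str:
    """Constructed helper for building sample field values (mirror of decode_field)."""
    return base64.b64encode(zlib.compress(pickle.dumps(obj))).decode()

# Constructed samples: plain data, and an OrderedDict, which is harmless but is
# pickled through a global reference plus REDUCE, the same mechanism an
# attacker-supplied object relies on, so the scanner must reject it.
PLAIN_FIELD = encode_field({"event": "member.add", "target": 42})
SUSPICIOUS_FIELD = encode_field(OrderedDict(a=1))

if __name__ == "__main__":
    print(load_audit_data(PLAIN_FIELD))
    try:
        load_audit_data(SUSPICIOUS_FIELD)
    except ValueError as err:
        print(err)
```

The opcode scan is the detection layer (it can also run over stored rows after the fact); the restricted unpickler is the mitigation that holds even if the scan list is incomplete.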

Added: May 10, 2026, 1:37 PM
Updated: May 10, 2026, 1:37 PM

Vulnerability Rating

Custom Algorithm

Category        Score
spread          5.0
impact          7.5
exploitability  5.5
remediation     7.7
relevance       7.9
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.