PrusaSlicer Arbitrary Code Execution Vulnerability

Vulnerability

A vulnerability allowing arbitrary code execution has been identified in PrusaSlicer versions through 2.6.1. The issue is in GCode/PostProcessor.cpp: a crafted 3mf project file can cause malicious code to run on the host during the G-code export process. The vulnerability abuses the post-processing script feature, which lets users automate modifications to the G-code before it is sent to a printer or saved to a file.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the host machine where PrusaSlicer is running.

Reproduction

To reproduce this vulnerability, create a 3mf file that includes a post-processing script entry in the 'Metadata/Slic3r_PE.config' file. This entry should specify a command that executes a payload, such as a script or a command-line instruction, and directs the output to a file in the '/tmp' directory. Once the 3mf file is prepared, open it in PrusaSlicer and export the G-code. The specified command will be executed, and the payload will be delivered as described in the impact section.
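For triage, a 3mf project can be inspected for such an entry before it is opened in PrusaSlicer. The following is an added example, not code from PrusaSlicer or from this advisory; it assumes the embedded config stores one setting per line as "; key = value" and that the post-processing setting uses the key `post_process`, and the function names and sample archive are constructed for illustration.

```python
import io
import re
import zipfile

CONFIG_MEMBER = "Metadata/Slic3r_PE.config"  # path named in the advisory
# Assumption: settings are stored one per line as "; key = value" and the
# post-processing script setting uses the key "post_process".
POST_PROCESS_RE = re.compile(r"^\s*;?\s*post_process\s*=\s*(.*)$")
MAX_CONFIG_BYTES = 4 * 1024 * 1024  # cap on the member's declared size


def find_post_process(archive):
    """Return every non-empty post_process value found in a 3mf archive.

    `archive` is a path or a binary file object; an empty list means no
    post-processing script entry was found in the embedded config."""
    hits = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            # Normalise separators and case before comparing member names.
            name = info.filename.replace("\\", "/").lower()
            if name != CONFIG_MEMBER.lower():
                continue
            if info.file_size > MAX_CONFIG_BYTES:
                raise ValueError("config member too large to inspect")
            text = zf.read(info).decode("utf-8", errors="replace")
            for line in text.splitlines():
                m = POST_PROCESS_RE.match(line)
                if m and m.group(1).strip():
                    hits.append(m.group(1).strip())
    return hits


def make_sample(post_process_value):
    """Build a constructed, minimal 3mf-like archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(CONFIG_MEMBER,
                    "; layer_height = 0.2\n"
                    f"; post_process = {post_process_value}\n"
                    "; perimeters = 2\n")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for value in ("", "/opt/scripts/placeholder.py"):  # constructed samples
        print(repr(value), "->", find_post_process(make_sample(value)))
```

Any non-empty result means the project will run a script on G-code export and should be reviewed before the file is opened and exported.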

Added: May 8, 2026, 6:36 AM
Updated: May 8, 2026, 6:36 AM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 10.0
exploitability: 6.0
remediation: 0.0
relevance: 7.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.