Binary-Husky Gpt_Academic Manim Plugin Remote Code Execution Vulnerability
Vulnerability
A remote code execution vulnerability has been identified in the 'manim' plugin of Binary-Husky's Gpt_Academic, specifically in the main branch. This issue arises from improper handling of user-provided prompts, allowing untrusted code generated by the language model to be executed without a proper sandbox. As a result, an attacker can inject malicious code through the prompt, leading to remote code execution on the application backend server.
Impact
Exploitation of this vulnerability allows for remote code execution on the application backend server, with the potential for full control over the server.
Reproduction
To reproduce this vulnerability, clone the Gpt_Academic repository and navigate to the project directory. After filling in the API key in the config.py file, install the 'manim' library and start the server. Once the server is running, select the 'manim' plugin and enter a prompt designed to inject malicious code, such as a command to create a file on the server. After submitting the prompt, the injected code will be executed, and the file will be created on the server, demonstrating successful exploitation.
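A pre-execution gate for the missing control described above, as an added example that is not Gpt_Academic's own code: it parses the model's output and refuses to run anything outside a narrow scene-rendering policy. The function name `policy_violations`, the import allowlist, the banned-name list and both sample scenes are assumptions constructed for illustration.

```python
import ast

# Assumed policy for this example: generated scene code may import only these.
ALLOWED_IMPORTS = {"manim", "numpy", "math"}
# Builtins that give generated code a path to files, the shell or the interpreter.
BANNED_NAMES = {"exec", "eval", "compile", "open", "__import__", "getattr", "setattr",
                "globals", "locals", "vars", "breakpoint", "__builtins__"}

def policy_violations(source: str) -> list[str]:
    """Return the reasons generated code must not run (empty list = passed)."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [f"not parseable: {exc.msg}"]
    found = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            modules = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            # level > 0 is a relative import, never expected in a scene file
            modules = [node.module or ""] if node.level == 0 else [""]
        else:
            modules = []
        for mod in modules:
            if mod.split(".")[0] not in ALLOWED_IMPORTS:
                found.append(f"line {node.lineno}: import of '{mod}'")
        if isinstance(node, ast.Name) and node.id in BANNED_NAMES:
            found.append(f"line {node.lineno}: use of '{node.id}'")
        if isinstance(node, ast.Attribute) and node.attr.startswith("__"):
            found.append(f"line {node.lineno}: dunder attribute '{node.attr}'")
    return found

# Constructed samples: a benign scene, and model output steered by an injected prompt.
BENIGN = '''from manim import *
class MyAnimation(Scene):
    def construct(self):
        self.play(Create(Circle()))
'''
INJECTED = '''from manim import *
import os
class MyAnimation(Scene):
    def construct(self):
        open(os.path.join("/tmp", "poc.txt"), "w").close()
'''

if __name__ == "__main__":
    for name, code in (("benign", BENIGN), ("injected", INJECTED)):
        print(name, policy_violations(code) or "passed")
```

Passing this check does not make the code safe to run in the server process: static filters can be bypassed, so generated code still belongs in an isolated, unprivileged process or container with no access to the application's secrets.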
