dmlc Gluon-CV ImageClassificationDataset.from_csv() API Arbitrary File Write Vulnerability
Vulnerability
In dmlc/gluon-cv version 0.10.0, the ImageClassificationDataset.from_csv() function is vulnerable to arbitrary file write. The function downloads tar.gz archives from URLs and extracts them without sanitizing member paths, leaving it open to TarSlip (tar path traversal). Attackers can exploit this by creating malicious tar files that, when extracted, overwrite files on the victim's system through path traversal or fake symlinks.
Impact
Exploitation of this vulnerability allows for arbitrary file writes on the victim's local file system. This could lead to remote code execution by writing a malicious __init__.py file in Python's site-packages directory.
Reproduction
To reproduce this vulnerability, first create a malicious tar.gz file that exploits the TarSlip vulnerability by overwriting files through path traversal or fake symlinks. This can be done using Python's tarfile module. Once the malicious file is created, serve it using a simple HTTP server. The victim can then download this file using the ImageClassificationDataset.from_csv() function, which will extract the tar file and overwrite files on the local system.
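The defensive counterpart to the extraction step described above, as an added example that is not part of the advisory and not gluon-cv's own code: an archive audit that refuses exactly the member types the advisory names (paths that escape the destination, and symlinks or hard links through which a later member could be written outside it) before anything touches disk. The function names (audit_members, safe_extract, build_archive, demo) are hypothetical, and the two archives are constructed in memory for the demonstration.

```python
import io
import os
import tarfile
import tempfile


def audit_members(tar: tarfile.TarFile, dest: str) -> list:
    """Return the members that are safe to extract under dest; raise ValueError otherwise.

    Policy (deliberately strict, suitable for a dataset archive of images and CSVs):
      * every member path must resolve inside dest (no absolute paths, no '..' escapes);
      * symlinks and hard links are rejected outright, so a later member cannot be
        written through a link that points outside dest;
      * only regular files and directories are accepted (no devices, no FIFOs).
    """
    dest_real = os.path.realpath(dest)
    accepted = []
    for member in tar.getmembers():
        if os.path.isabs(member.name):
            raise ValueError(f"absolute path in archive: {member.name}")
        target = os.path.realpath(os.path.join(dest_real, member.name))
        if os.path.commonpath([dest_real, target]) != dest_real:
            raise ValueError(f"path traversal in archive: {member.name}")
        if member.issym() or member.islnk():
            raise ValueError(f"link member rejected: {member.name} -> {member.linkname}")
        if not (member.isfile() or member.isdir()):
            raise ValueError(f"unsupported member type: {member.name}")
        accepted.append(member)
    return accepted


def safe_extract(archive_bytes: bytes, dest: str) -> list:
    """Extract a tar.gz held in memory into dest after auditing every member.

    Returns the extracted member names. Nothing is written if any member fails the audit.
    """
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:gz") as tar:
        members = audit_members(tar, dest)
        # Defence in depth: where the stdlib offers PEP 706 extraction filters
        # (Python 3.12+, backported to 3.8.17 / 3.9.17 / 3.10.12 / 3.11.4),
        # apply the 'data' filter as well; on older interpreters this attribute is unused.
        if hasattr(tarfile, "data_filter"):
            tar.extraction_filter = tarfile.data_filter
        tar.extractall(path=dest, members=members)
    return [m.name for m in members]


def build_archive(entries: dict) -> bytes:
    """Build a constructed in-memory tar.gz from {member_name: bytes} (test input, not a real dataset)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in entries.items():
            info = tarfile.TarInfo(name=name)  # name stored as given; tarfile does not normalise '..'
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def demo() -> dict:
    """Audit a benign archive and one carrying a traversal member; report what happened."""
    benign = build_archive({"images/cat.jpg": b"\xff\xd8\xff", "labels.csv": b"file,label\n"})
    hostile = build_archive({"images/cat.jpg": b"\xff\xd8\xff", "../../escape.txt": b"x\n"})
    results = {}
    with tempfile.TemporaryDirectory() as dest:
        results["benign"] = safe_extract(benign, dest)
        try:
            safe_extract(hostile, dest)
            results["hostile"] = "extracted"
        except ValueError as exc:
            results["hostile"] = f"rejected: {exc}"
        # The traversal member must never have reached the parent of the destination.
        results["escaped_file_exists"] = os.path.exists(os.path.join(dest, "..", "..", "escape.txt"))
    return results


if __name__ == "__main__":
    print(demo())
```

Rejecting every link member is stricter than the stdlib 'data' filter, which permits links that resolve inside the destination; for a dataset of images and a CSV there is no legitimate need for links, and the stricter rule closes the "fake symlink then write through it" sequence the advisory mentions. Auditing all members before extracting anything also means a hostile archive leaves no partial state behind.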
