TykoDev cherry-studio-TykoFork OS Command Injection Vulnerability in OAuth Server Discovery Component

Vulnerability

A critical vulnerability allowing OS command injection has been identified in TykoDev cherry-studio-TykoFork version 0.1. The issue arises in the OAuth Server Discovery component, specifically within the redirectToAuthorization function of the oauth-authorization-server file. The vulnerability is triggered by manipulating the authorizationUrl argument, which is not properly sanitized before being processed. This flaw can be exploited remotely, leading to arbitrary command execution on the host machine.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution on the affected system.

Reproduction

To reproduce this vulnerability, send a request to the OAuth server discovery endpoint with a crafted authorizationUrl that includes a payload for OS command injection. The server's response should indicate that the command has been executed on the host machine.

Added: Dec 7, 2025, 11:17 PM
Updated: Dec 7, 2025, 11:17 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 8.7
remediation: 0.0
relevance: 1.4
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.