Mage AI Insecure Default Initialization Vulnerability Leading to Remote Code Execution

A vulnerability exists in Mage AI version 0.9.75, characterized by an insecure default authentication setup that can lead to zero-click remote code execution. The application does not require user authentication by default, allowing unauthorized access. Although there is an option to enable authentication, it is not prominently displayed, leaving users unaware of the need to secure their instances. This flaw has been publicly disclosed and is available as a proof-of-concept exploit.

Impact

Exploitation of this vulnerability allows for unauthorized access and zero-click remote code execution on the affected server.

Reproduction

To reproduce this vulnerability, deploy Mage AI version 0.9.75 without enabling user authentication. Once the application is running in this insecure state, the vulnerability can be exploited to execute arbitrary code remotely, without any user interaction.

Remediation

Users should manually enable authentication by setting the 'REQUIRE_USER_AUTHENTICATION' environment variable to '1' before deploying the application. For detailed instructions, refer to the official Mage AI documentation on authentication.