FastGPT Sandbox Code Execution Bypass Vulnerability
Vulnerability
A vulnerability in the FastGPT sandbox environment prior to version 4.9.11 allows for code execution bypass, enabling unauthorized file read and write operations. The sandbox's isolation mechanisms were compromised by overly permissive system call allowances, which could be exploited to escape sandbox restrictions. This issue has been addressed in version 4.9.11 by tightening system call permissions and enhancing error messages.
Impact
Exploitation of this vulnerability could lead to unauthorized access to arbitrary files, overwriting of files, and bypassing of Python's module import restrictions, potentially allowing the import of sensitive modules such as 'os' or 'sys'.
Reproduction
The vulnerability can be reproduced by executing a crafted Python script within the FastGPT sandbox that exploits the permissive system call allowances. For example, a script can be written to read sensitive files like '/etc/passwd' or to overwrite system files, causing disruption to the sandbox's functionality.
Remediation
Users can update to FastGPT version 4.9.11, which includes the necessary fixes. Instructions for updating are available in the FastGPT documentation.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.