Defog-AI Introspect Code Injection Vulnerability in Analysis Execution Function
Vulnerability
A critical code injection vulnerability has been identified in Defog-AI Introspect versions through 0.1.4. The issue arises in the 'execute_analysis_code_safely' function within 'introspect/backend/tools/analysis_tools.py'. This function executes user-provided code using the 'exec' function, which can be exploited by crafting malicious input. The vulnerability allows attackers to manipulate libraries included in the execution namespace, potentially leading to unauthorized actions such as reading sensitive files or modifying system configurations.
Impact
Exploitation of this vulnerability allows for arbitrary code execution within the context of the application's execution environment, potentially leading to unauthorized access to sensitive information or system resources.
Reproduction
To reproduce this vulnerability, call the 'execute_analysis_code_safely' function and pass a string of malicious code as the 'code' argument. The injected code will be executed in a namespace that includes access to several libraries, such as 'pandas', 'numpy', and 'json'. For example, code could be crafted to use 'pandas' to read sensitive files like '/etc/passwd'.
Remediation
Users are advised to update to the patched version of Defog-AI Introspect, which is available in the GitHub repository.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.