SakaDev Remote Code Execution Vulnerability
Vulnerability
A remote code execution vulnerability exists in SakaDev versions through 4.0.5. The issue arises from the application's command execution design, which is open to prompt injection. Users can choose between executing safe commands automatically or requiring approval for potentially destructive commands. However, an attacker can manipulate this system by wrapping malicious commands in a generic template, tricking the model into classifying them as safe. This bypasses user approval and enables arbitrary command execution.
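The design flaw described above, shown as an added example that is not SakaDev's code: an approval gate that trusts a model-supplied safety label, next to one that decides locally from the command text. The `requiresApproval` field, the allowlist policy and the sample tool calls are assumptions constructed for illustration.

```javascript
// Added example, not SakaDev code. The tool-call shape { command, requiresApproval }
// is a hypothetical stand-in for a safety label supplied by the model.

// Vulnerable pattern: the approval decision is the model's own label, which
// injected text in the model's context can steer toward "safe".
function needsApprovalTrustingModel(toolCall) {
  return toolCall.requiresApproval !== false;
}

// Hardened pattern: ignore the label and decide from the command text alone.
// Assumed policy: only these read-only programs may run without approval.
const READ_ONLY = new Set(["ls", "pwd", "cat", "wc", "head"]);

// Whole command must be plain tokens separated by single spaces. Anything the
// shell could use to chain, substitute, redirect or expand fails this match.
const PLAIN = /^[A-Za-z0-9._\/-]+( [A-Za-z0-9._\/-]+)*$/;

function needsApprovalLocal(toolCall) {
  const cmd = typeof toolCall.command === "string" ? toolCall.command : "";
  if (!PLAIN.test(cmd)) return true;
  const [prog, ...args] = cmd.split(" ");
  if (!READ_ONLY.has(prog)) return true;
  // Keep auto-approved reads inside the workspace: no absolute or parent paths.
  return args.some((a) => a.startsWith("/") || a.split("/").includes(".."));
}

// Constructed tool calls, all labelled "safe" by the (hypothetical) model.
const SAMPLE_CALLS = [
  { command: "ls -la src", requiresApproval: false },
  { command: "cat README.md; rm -rf build", requiresApproval: false },
  { command: "npm install", requiresApproval: false },
  { command: "cat ../../.ssh/id_rsa", requiresApproval: false },
  { command: "ls\nrm -rf build", requiresApproval: false },
];

// Returns, per call, whether each gate would stop and ask the user.
function compareGates(calls) {
  return calls.map((c) => ({
    command: c.command,
    modelGateAsks: needsApprovalTrustingModel(c),
    localGateAsks: needsApprovalLocal(c),
  }));
}

console.table(compareGates(SAMPLE_CALLS));
```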
Impact
Exploitation of this vulnerability allows for arbitrary code execution on the affected system.
Remediation
Users are advised to update to SakaDev version 4.0.6, available on the VS Code Marketplace. After updating, review the command execution history for any suspicious activity, rotate SSH keys if compromise is suspected, and check for unusual network connections in recent terminal history.
