DSAI-Cline OS Command Injection Vulnerability Leading to Remote Code Execution

Vulnerability

A critical OS command injection vulnerability has been identified in DSAI-Cline's command auto-approval module, affecting versions through 1.1.2. This vulnerability undermines the effectiveness of the application's whitelist security mechanism. The issue arises because the command validation logic relies on string-based parsing that fails to properly handle raw newline characters embedded in the input. While the system intercepts dangerous operators and command substitution patterns, an attacker can exploit this oversight by inserting a newline between a whitelisted command and malicious code. This manipulation causes DSAI-Cline to mistakenly approve the command as safe. The PowerShell interpreter then executes both commands sequentially, leading to remote code execution without any user interaction.

Impact

Exploitation of this vulnerability allows for remote code execution on the system where DSAI-Cline is running.

Reproduction

To reproduce this vulnerability, use DSAI-Cline version 1.1.2 or earlier. Activate the command auto-approval module and input a command that is whitelisted, such as 'git log', but insert a newline character between the command and an additional, malicious command. Once the command is submitted, DSAI-Cline will misinterpret it as safe and execute both commands in sequence, with the malicious command potentially leading to unauthorized actions or access.
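As an added illustration for the Vulnerability and Reproduction sections above (this is not DSAI-Cline's own code), the snippet below models a string-based validator that intercepts shell operators but normalises whitespace, so a raw newline between `git log` and a second command is approved, and places a hardened check beside it that fails closed on any control character. The whitelist, the operator list and the `echo hi` test input are assumed.

```typescript
// Constructed example: a newline-blind auto-approval check beside a hardened one.
const WHITELIST = ["git log", "git status", "ls"]; // assumed whitelist

// Operators and substitution patterns a string-based validator typically intercepts.
const DANGEROUS_TOKENS = ["&&", "||", ";", "|", "$(", "`", ">", "<", "&"];

/**
 * Vulnerable form (modelled, not DSAI-Cline's code): tokenises on any whitespace,
 * so a raw newline is handled exactly like a space. "git log\necho hi" normalises
 * to "git log echo hi", which looks like `git log` with extra arguments.
 */
function naiveAutoApprove(input: string): boolean {
  const tokens = input.trim().split(/\s+/);
  if (tokens.some((t) => DANGEROUS_TOKENS.some((d) => t.includes(d)))) return false;
  const normalised = tokens.join(" ");
  return WHITELIST.some((cmd) => normalised === cmd || normalised.startsWith(cmd + " "));
}

/**
 * Hardened form: PowerShell (like other shells) treats a raw newline as a
 * statement separator, so a "single command" that contains LF, CR, NUL or any
 * other control character is never one command and must not be auto-approved.
 * Tabs are rejected as well; the check deliberately fails closed.
 */
function hardenedAutoApprove(input: string): boolean {
  if (/[\u0000-\u001f\u007f]/.test(input)) return false;
  const tokens = input.trim().split(/ +/);
  if (tokens.some((t) => DANGEROUS_TOKENS.some((d) => t.includes(d)))) return false;
  const normalised = tokens.join(" ");
  return WHITELIST.some((cmd) => normalised === cmd || normalised.startsWith(cmd + " "));
}

// Constructed inputs: a benign whitelisted command and the newline-separated variant.
const benign = "git log --oneline";
const newlineSplit = "git log\necho hi";
console.log("naive:", naiveAutoApprove(benign), naiveAutoApprove(newlineSplit)); // true true
console.log("hardened:", hardenedAutoApprove(benign), hardenedAutoApprove(newlineSplit)); // true false
```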

Added: Mar 30, 2026, 9:34 PM
Updated: Mar 30, 2026, 9:34 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 8.7
remediation: 0.0
relevance: 4.9
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.