SandboxJS Sandbox Integrity Escape Vulnerability Allowing Arbitrary Global Object Mutation

Vulnerability

A critical vulnerability in SandboxJS versions prior to 0.8.36 allows for unauthorized modifications of global objects. While the library typically blocks direct assignments to globals, this safeguard can be circumvented by exploiting an accessible callable constructor path. By using 'this.constructor.call(target, attackerObject)', attacker-controlled code can inject properties into host global objects, such as Math or JSON, and maintain these changes across different sandbox instances within the same process. This breach of sandbox integrity could lead to broader application compromises, especially if the altered global properties are used in sensitive operations.

Impact

Exploitation of this vulnerability escapes the sandbox's intended integrity protections, allowing untrusted code to alter shared global objects. Because the mutated objects are the host's own built-ins, the changes persist for the lifetime of the process, potentially disrupting other requests or tenants, and could be leveraged to manipulate application logic that relies on the standard behavior of those built-in objects.

Reproduction

The vulnerability can be reproduced by creating a SandboxJS instance and attempting to assign a value to a global property, such as Math.random. This direct assignment will be blocked by the sandbox's protections. However, the same property can be successfully overwritten by calling 'this.constructor.call(Math, { random: () => 'pwned' })' within the sandbox. This bypass takes advantage of the fact that 'this.constructor' refers to the SandboxGlobal function, which can be used to mutate global properties without triggering the sandbox's assignment restrictions. Once the property is changed, the new value is immediately reflected in the host environment and persists across new sandbox instances, demonstrating a breach of the sandbox's isolation.
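As an added illustration, not code from the advisory or from SandboxJS, a defender-side integrity check for the persistence described above: it snapshots the property descriptors of shared intrinsics such as Math and JSON before untrusted code runs and reports any property that was added, removed or altered afterwards. The helpers snapshotIntrinsics, diffIntrinsics and demo are assumed names, and demo stands in for the escaped write by assigning in the host directly rather than through a sandbox.

```javascript
// Added example (not SandboxJS code): host-global integrity check. A snapshot
// of own-property descriptors taken before untrusted code runs lets the host
// detect a persisting mutation such as a replaced Math.random instead of
// silently passing it on to later sandbox instances in the same process.
const WATCHED = { Math, JSON, 'Object.prototype': Object.prototype };

function snapshotIntrinsics(targets = WATCHED) {
  const snap = new Map();
  for (const [name, obj] of Object.entries(targets)) {
    const descs = new Map();
    for (const key of Reflect.ownKeys(obj)) {
      descs.set(key, Object.getOwnPropertyDescriptor(obj, key));
    }
    snap.set(name, descs);
  }
  return snap;
}

// Two descriptors match only if value/getter/setter and all attributes agree.
function sameDescriptor(a, b) {
  if (!a || !b) return false;
  return Object.is(a.value, b.value) && a.get === b.get && a.set === b.set &&
    a.writable === b.writable && a.enumerable === b.enumerable &&
    a.configurable === b.configurable;
}

// Returns dotted names of properties added, removed or altered since snap.
function diffIntrinsics(snap, targets = WATCHED) {
  const changes = [];
  for (const [name, obj] of Object.entries(targets)) {
    const before = snap.get(name);
    const keys = new Set([...before.keys(), ...Reflect.ownKeys(obj)]);
    for (const key of keys) {
      const now = Object.getOwnPropertyDescriptor(obj, key);
      if (!sameDescriptor(before.get(key), now)) changes.push(`${name}.${String(key)}`);
    }
  }
  return changes;
}

// Constructed demonstration: overwrite Math.random in the host (standing in
// for the escaped write the advisory describes), diff, then restore it.
function demo() {
  const original = Object.getOwnPropertyDescriptor(Math, 'random');
  const snap = snapshotIntrinsics();
  Math.random = () => 'pwned';
  const changes = diffIntrinsics(snap);
  Object.defineProperty(Math, 'random', original);
  return changes;
}
```

Running diffIntrinsics after each untrusted evaluation, and failing the request when it reports anything, turns the cross-instance persistence described above into an immediately visible event rather than a silent one.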

Remediation

Users should update to SandboxJS version 0.8.36 or later, where this vulnerability has been fixed.

Added: Apr 6, 2026, 4:37 PM
Updated: Apr 6, 2026, 4:37 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 5.4
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.