Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Marimo Pre-Authentication Remote Code Execution Vulnerability in WebSocket Terminal Endpoint

Vulnerability

A pre-authentication remote code execution vulnerability exists in Marimo versions through 0.20.4. The WebSocket terminal endpoint '/terminal/ws' does not validate authentication, so an unauthenticated attacker can obtain a full pseudo-terminal shell and execute arbitrary system commands. Whereas Marimo's other WebSocket endpoints correctly validate authentication, '/terminal/ws' checks only the running mode and platform compatibility before accepting a connection, so the authentication check is bypassed entirely.
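
The following is an added, hypothetical model of the flaw described above, not Marimo's code: it contrasts a per-route guard layout in which one WebSocket route omits the authentication check (as the advisory describes for '/terminal/ws') with a layout that applies authentication once before any route-specific check, and includes an audit helper that flags routes whose guard list omits auth. The token scheme, header and query parameter names, run-mode values and all function names are assumptions.

```python
import hmac
from dataclasses import dataclass, field

@dataclass
class WsRequest:
    """A WebSocket upgrade request as seen by the route guards (constructed model)."""
    path: str
    headers: dict = field(default_factory=dict)
    query: dict = field(default_factory=dict)

# Constructed server state; the token source and run-mode values are assumptions.
SERVER_TOKEN = "constructed-session-token"
RUN_MODE = "edit"
PLATFORM_SUPPORTED = True

def is_authenticated(req: WsRequest) -> bool:
    """Assumed scheme: token arrives as a query parameter or a cookie-derived header."""
    supplied = req.query.get("access_token") or req.headers.get("x-session-token", "")
    return hmac.compare_digest(supplied, SERVER_TOKEN)

def mode_and_platform_ok(req: WsRequest) -> bool:
    """The only checks the advisory says the terminal endpoint performed."""
    return RUN_MODE == "edit" and PLATFORM_SUPPORTED

# Vulnerable layout: every route lists its own guards, so one route can omit auth.
PER_ROUTE_GUARDS = {
    "/ws": [is_authenticated],
    "/terminal/ws": [mode_and_platform_ok],  # auth never consulted
}

def accept_vulnerable(req: WsRequest) -> bool:
    guards = PER_ROUTE_GUARDS.get(req.path)
    return guards is not None and all(g(req) for g in guards)

def audit_missing_auth(guards_by_route: dict) -> list:
    """Static check for the per-route layout: routes whose guard list omits auth."""
    return [p for p, gs in guards_by_route.items() if is_authenticated not in gs]

# Fixed layout: auth runs once for every WebSocket route, before route-specific checks.
ROUTE_SPECIFIC_GUARDS = {
    "/ws": [],
    "/terminal/ws": [mode_and_platform_ok],
}

def accept_fixed(req: WsRequest) -> bool:
    if req.path not in ROUTE_SPECIFIC_GUARDS or not is_authenticated(req):
        return False
    return all(g(req) for g in ROUTE_SPECIFIC_GUARDS[req.path])
```

The practical lesson is the one the advisory implies: authentication for WebSocket upgrades belongs in a single gate every route passes through, with a test or audit that fails whenever a route is reachable without it.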

Impact

Exploitation of this vulnerability gives an unauthenticated attacker a full interactive shell on the server; in default Docker deployments the Marimo process runs as root, so commands execute with root privileges.

Reproduction

The vulnerability can be reproduced by establishing a WebSocket connection to the '/terminal/ws' endpoint without any authentication. Once the connection is accepted, a pseudo-terminal shell is created, allowing for arbitrary command execution. This can be automated with a script that connects to the WebSocket, waits for the connection to be established, and then sends commands to be executed in the shell.

Remediation

Users are advised to update to Marimo version 0.23.0 or later, where this vulnerability has been patched.

Added: Apr 9, 2026, 10:10 PM
Updated: Apr 23, 2026, 5:27 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          7.5
  exploitability  8.7
  remediation     0.0
  relevance       5.5
  threat          9.6
  urgency         2.9
  incentive       4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.