PraisonAI WSGI Recipe Registry Server Memory Exhaustion Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in the WSGI-based recipe registry server of PraisonAI, prior to version 4.5.128. The server reads the entire HTTP request body into memory based on the Content-Length header, without any upper limit. This issue is compounded by the fact that authentication is disabled by default, allowing any local process to send large POST requests that can exhaust server memory. While the Starlette-based server includes a request size limit, the WSGI server lacks such protection, leading to potential memory exhaustion and server crashes.
Impact
Exploitation of this vulnerability can lead to memory exhaustion, causing the server process to be terminated by the operating system's out-of-memory killer. The resulting unavailability disrupts recipe publishing and downloading operations. Additionally, repeated uploads can fill the disk with persisted bundle data, further degrading server performance.
Reproduction
To reproduce this vulnerability, start the PraisonAI WSGI recipe registry server with default settings, which do not require authentication. Once the server is running, create a large bundle file of approximately 500MB and upload it to the server. The server will buffer the entire file into memory without any size limit. This process can be repeated with multiple requests to exhaust the server's available memory, causing the server process to be killed by the operating system.
Remediation
Users are advised to update to PraisonAI version 4.5.128 or later, where this vulnerability has been fixed. For those using the WSGI server, consider adding a request size limit to the application, similar to the 10MB default limit in the Starlette-based server. Additionally, be cautious when binding the server to '0.0.0.0', as this can expose the vulnerability to the network.
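One way to add the request size limit the remediation describes, as an added example that is not PraisonAI's own code: a WSGI middleware that refuses a request whose Content-Length exceeds the cap before any byte is buffered, and also wraps `wsgi.input` so a streamed or understated body cannot be read past the cap either. `upload_app` and `simulate_post` are hypothetical stand-ins for a registry upload handler and a test harness; the environ they build is constructed, not captured traffic.

```python
import io
MAX_BODY_BYTES = 10 * 1024 * 1024  # 10 MB, mirroring the Starlette server's default

class LimitedInput:
    """Bound wsgi.input so the app never reads more than `limit` bytes, whatever Content-Length claims."""
    def __init__(self, stream, limit):
        self._stream, self._remaining = stream, limit

    def read(self, size=-1):
        # Ask for at most one byte past the budget, so an oversized body is
        # caught when it crosses the line rather than buffered in full.
        want = self._remaining + 1
        if size is not None and 0 <= size < want:
            want = size
        data = self._stream.read(want)
        if len(data) > self._remaining:
            raise ValueError("request body exceeds configured limit")
        self._remaining -= len(data)
        return data

def limit_request_size(app, max_bytes=MAX_BODY_BYTES):
    """WSGI middleware: refuse oversized bodies by Content-Length before reading,
    then bound wsgi.input for anything the header does not honestly describe."""
    def middleware(environ, start_response):
        try:
            declared = int(environ.get("CONTENT_LENGTH") or 0)
        except ValueError:
            start_response("400 Bad Request", [("Content-Type", "text/plain")])
            return [b"invalid Content-Length\n"]
        if declared > max_bytes:  # the vulnerable server had no such comparison
            start_response("413 Payload Too Large", [("Content-Type", "text/plain")])
            return [b"request body too large\n"]
        environ["wsgi.input"] = LimitedInput(environ["wsgi.input"], max_bytes)
        return app(environ, start_response)
    return middleware

def upload_app(environ, start_response):
    # Hypothetical upload handler (not PraisonAI's code) that trusts the client and
    # buffers the whole body into memory, as the advisory describes the server doing.
    body = environ["wsgi.input"].read()
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"stored %d bytes\n" % len(body)]

def simulate_post(body, declared_length=None, max_bytes=MAX_BODY_BYTES):
    # Drive the wrapped handler with a constructed environ; return the status line.
    length = len(body) if declared_length is None else declared_length
    environ = {"REQUEST_METHOD": "POST", "CONTENT_LENGTH": str(length), "wsgi.input": io.BytesIO(body)}
    statuses = []
    list(limit_request_size(upload_app, max_bytes)(environ, lambda s, h: statuses.append(s)))
    return statuses[0]
```

A body that understates its Content-Length passes the header check but trips `LimitedInput` as soon as the handler reads past the cap, so the per-request memory ceiling holds even against a lying client.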
