vm2 Node.js Sandbox Allowlist Bypass Vulnerability Leading to Remote Code Execution

Vulnerability

A critical vulnerability in vm2, an open-source virtual machine/sandbox for Node.js, allows a bypass of the NodeVM's built-in allowlist. This issue is present in versions prior to 3.11.0. When the 'module' built-in is allowed, it exposes Node's Module._load() function, which loads any module by name directly in the host context. This bypasses vm2's built-in restrictions and enables sandboxed code to access excluded built-ins such as child_process, resulting in remote code execution.

Impact

Exploitation of this vulnerability leads to a complete bypass of the built-in allowlist, allowing sandboxed code to execute arbitrary commands on the host system via the child_process module. This vulnerability also introduces additional attack surfaces through other Module class internals.

Reproduction

To reproduce this vulnerability, configure the NodeVM with the 'module' built-in allowed, while excluding 'child_process'. Sandboxed code can then call Module._load('child_process') to bypass the vm2 restrictions and execute commands on the host.

Remediation

Users are advised to update to vm2 version 3.11.0 or later, and to exclude 'module' from the built-in modules entirely or to add it to the special modules with a safe wrapper.

Added: May 13, 2026, 7:53 PM
Updated: May 13, 2026, 7:53 PM

Vulnerability Rating

Custom Algorithm

category        score
spread          6.6
impact          10.0
exploitability  6.0
remediation     7.7
relevance       8.2
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.