666ghj MiroFish Command Injection Vulnerability in Inter-Process Communication Component
Vulnerability
A command injection vulnerability has been identified in 666ghj MiroFish versions through 0.1.2. The issue resides in the Inter-Process Communication (IPC) component, specifically within the SimulationIPCClient.send_command function of the file backend/app/services/simulation_ipc.py. This vulnerability allows for cross-tenant command injection, where an attacker can inject arbitrary commands into another user's simulation environment. The exploitation can be performed remotely, without any authentication requirements.
Impact
Exploitation of this vulnerability allows for unauthorized injection of commands into running simulations, potentially leading to manipulation of simulation outcomes and disruption of services.
Reproduction
To reproduce this vulnerability, first ensure that MiroFish version 0.1.2 is running with the default configuration. Once the application is active, create a simulation directory for a victim user, including the necessary IPC command and response subdirectories. After setting up the environment to reflect an active simulation, an attacker can send a request to the '/api/simulation/interview' endpoint, injecting a prompt that will be executed by the victim's simulation process. This can be automated with a script that monitors the IPC command directory, captures the injected command, and responds to the simulation, completing the exploitation process.
Remediation
It is recommended to validate the simulation_id parameter to prevent injection attacks, implement authentication for IPC commands so that only authorized users can send commands to their own simulations, and verify ownership of a simulation before accepting any command for it.
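As an added illustration of the remediation above (example code, not MiroFish's own implementation; the IPC directory layout, the ownership registry and every name are assumptions), a hardened sender that validates simulation_id against a strict allow-list and checks ownership before a command file is ever written:

```python
import json
import re
import tempfile
import uuid
from pathlib import Path

# Hypothetical hardened sender, added as an illustration; not MiroFish's own code.
# Assumed layout: each simulation has IPC_ROOT/<simulation_id>/commands/ where
# command files are dropped, and an ownership registry maps simulation_id to
# the user who created it. The paths and registry contents below are constructed.
IPC_ROOT = Path(tempfile.gettempdir()) / "mirofish_ipc_example"
SIM_ID_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")   # allow-list: no '/', '.' or spaces
OWNERS = {"sim-alice-01": "alice", "sim-bob-02": "bob"}   # constructed registry


class IPCAuthorizationError(Exception):
    """Raised when a command is rejected before it reaches any simulation."""


def reject_reason(simulation_id: str, requester: str):
    """Return None if the requester may command this simulation, else why not."""
    # 1. Syntactic check: a malformed id is refused before any path is built.
    if not SIM_ID_RE.fullmatch(simulation_id):
        return "malformed simulation_id"
    # 2. Defence in depth: the resolved directory must stay under IPC_ROOT.
    target = (IPC_ROOT / simulation_id).resolve()
    if IPC_ROOT.resolve() not in target.parents:
        return "simulation_id escapes IPC root"
    # 3. Ownership: unknown simulations and other tenants' simulations are refused.
    owner = OWNERS.get(simulation_id)
    if owner is None or owner != requester:
        return "requester does not own this simulation"
    return None


def send_command(simulation_id: str, requester: str, action: str, payload: dict) -> Path:
    """Validate and authorize, then write one command file; returns its path."""
    reason = reject_reason(simulation_id, requester)
    if reason is not None:
        raise IPCAuthorizationError(reason)
    cmd_dir = IPC_ROOT / simulation_id / "commands"
    cmd_dir.mkdir(parents=True, exist_ok=True)
    cmd_file = cmd_dir / f"{uuid.uuid4().hex}.json"
    cmd_file.write_text(json.dumps({"action": action, "payload": payload, "by": requester}))
    return cmd_file


def read_command(cmd_file: Path) -> dict:
    """Parse a command file back into a dict (what the receiving side would do)."""
    return json.loads(cmd_file.read_text())
```

The ordering matters: the allow-list runs before any filesystem path is built, and the ownership lookup runs before anything is written, so a request for another tenant's simulation never produces a command file.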
