MindsDB
cpe:2.3:a:mindsdb:mindsdb:*:*:*:*:*:*:*
- <= 26.01
A remote code execution vulnerability exists in MindsDB versions prior to 26.01, specifically within the BYOM (Bring Your Own Model) feature. The issue arises in the 'exec' function of 'mindsdb/integrations/handlers/byom_handler/proc_wrapper.py', part of the Engine Handler component. The vulnerability allows uploaded Python code to be executed without authentication, as the default configuration does not require it. Exploitation involves a single HTTP PUT request to upload malicious code, which is then executed on the server.
Exploitation of this vulnerability allows for arbitrary code execution on the server where MindsDB is running.
The vulnerability can be reproduced by uploading a crafted Python file through the BYOM integration via the MindsDB HTTP API. The uploaded code is executed immediately after the upload, without any authentication checks. This can be automated with a script that uploads the malicious code and verifies the execution by checking for a created file containing the output of the executed command.
Users are advised to update to MindsDB version 26.01 or later. Additionally, implementing a code review mechanism to analyze uploaded Python code for dangerous patterns before execution could help mitigate this vulnerability.
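The code review mechanism suggested above could look like the following added example, which is not MindsDB's code or its fix: it parses an upload with Python's `ast` module and reports denied imports, calls and attribute accesses without executing anything. The deny-lists, the `review_upload` name and both sample uploads are assumptions constructed for illustration.

```python
import ast

# Assumed deny-lists (not from MindsDB); adjust to what BYOM models really need.
DENIED_MODULES = {"os", "sys", "subprocess", "socket", "ctypes", "importlib", "shutil"}
DENIED_CALLS = {"exec", "eval", "compile", "__import__"}
DENIED_ATTRS = {"__globals__", "__builtins__", "__subclasses__", "__bases__", "__mro__"}

# Constructed sample uploads, used only to exercise the reviewer.
BENIGN = '''
import pandas as pd
class Model:
    def train(self, df, target):
        self.mean = df[target].mean()
    def predict(self, df):
        return pd.DataFrame({"prediction": [self.mean] * len(df)})
'''
SUSPICIOUS = '''
import subprocess
class Model:
    def predict(self, df):
        return eval("1+1")
'''


def review_upload(source):
    """Return sorted (line, finding) tuples; an empty list means nothing matched."""
    try:
        tree = ast.parse(source)  # parses only, never executes the upload
    except SyntaxError as exc:
        return [(exc.lineno or 0, "does not parse as Python")]
    findings = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            modules = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            modules = [node.module or ""]
        else:
            modules = []
        for name in modules:
            if name.split(".")[0] in DENIED_MODULES:
                findings.add((node.lineno, f"import of {name}"))
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
            if node.func.id in DENIED_CALLS:
                findings.add((node.lineno, f"call to {node.func.id}()"))
        if isinstance(node, ast.Attribute) and node.attr in DENIED_ATTRS:
            findings.add((node.lineno, f"access to {node.attr}"))
    return sorted(findings)


if __name__ == "__main__":
    for label, code in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, review_upload(code))
```

A deny-list review like this is a pre-filter: code can reach the same functions through names the lists do not cover, so it complements the update to 26.01 or later and does not replace it.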