CVE-2023-39662
Arbitrary Code Execution vulnerability in llama-index (PyPI)
What is CVE-2023-39662 About?
This vulnerability in llama_index versions 0.7.13 and earlier allows a remote attacker to execute arbitrary code. The flaw resides in the `exec` parameter of the `PandasQueryEngine` function, which, when mishandled, can lead to the execution of malicious commands. Exploitation relies on an attacker providing specially crafted input.
Affected Software
- llama-index
  - <0.7.14
  - <0.9.14
Technical Details
The llama_index library, specifically its PandasQueryEngine in versions up to 0.7.13, is vulnerable to arbitrary code execution. The attack vector is the exec parameter of this component: when it is invoked with untrusted input, the supplied code is neither sanitized nor validated. Code injected through the exec parameter is executed by the process hosting the application, giving the attacker control over the host. In effect, the exec parameter becomes an injection point with no safeguards.
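The unsafe pattern described above (handing generated text to exec) and one way to guard it, as an added example that is not llama_index's own code: the guard parses generated code as a single expression and evaluates it only if every name and attribute is on an allowlist. A plain dict stands in for the DataFrame so the example runs without pandas, and the allowlist contents are assumptions for the example.

```python
import ast

# Constructed allowlist for this example: the only callables a generated
# expression may use, plus the name of the data it may query.
SAFE_FUNCTIONS = {"sum": sum, "len": len, "max": max, "min": min, "sorted": sorted}
ALLOWED_NAMES = set(SAFE_FUNCTIONS) | {"df"}


class UnsafeExpression(ValueError):
    """Generated code fell outside the allowlist and was not executed."""


def check_expression(code: str) -> ast.Expression:
    """Parse `code` as a single expression and reject anything that could
    reach the interpreter (statements, unknown names, dunder attributes)."""
    try:
        tree = ast.parse(code, mode="eval")  # 'import os', 'x = 1', etc. fail here
    except SyntaxError as exc:
        raise UnsafeExpression(f"not a single expression: {exc.msg}") from None
    for node in ast.walk(tree):
        if isinstance(node, ast.Name) and node.id not in ALLOWED_NAMES:
            raise UnsafeExpression(f"name not allowed: {node.id}")
        if isinstance(node, ast.Attribute) and node.attr.startswith("_"):
            raise UnsafeExpression(f"private attribute access: {node.attr}")
    return tree


def is_safe_expression(code: str) -> bool:
    """True if `code` passes the allowlist check, False otherwise."""
    try:
        check_expression(code)
    except UnsafeExpression:
        return False
    return True


def guarded_eval(code: str, df):
    """Evaluate an allowlisted expression over `df` with builtins removed.

    Contrast with exec(code) on the raw string, which is what an unguarded
    query engine does: that runs whatever the generator produced."""
    tree = check_expression(code)
    namespace = {"__builtins__": {}, "df": df, **SAFE_FUNCTIONS}
    return eval(compile(tree, "<generated>", "eval"), namespace)
```

The check is an allowlist, so a benign aggregation over `df` passes while anything that imports, touches a dunder attribute or calls an unlisted name is refused before evaluation.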
What is the Impact of CVE-2023-39662?
Successful exploitation may allow attackers to execute arbitrary code on the host system, leading to full system compromise, data exfiltration, or further unauthorized access.
What is the Exploitability of CVE-2023-39662?
Exploitation is of medium complexity: the attacker must craft input that reaches the exec parameter of the PandasQueryEngine component. There are generally no authentication or privilege requirements beyond the ability to interact with the affected PandasQueryEngine endpoint. The vulnerability is remotely triggerable, since the malicious data can be sent over the network. The main prerequisite is an application that uses llama_index's PandasQueryEngine and feeds untrusted external input to the exec parameter. The risk is highest when such an endpoint is exposed directly to untrusted users without input validation and sanitization. Because the affected parameter is named exec, the description implies that injected input is run directly as code.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2023-39662?
Available Upgrade Options
- llama-index <0.7.14 → Upgrade to 0.7.14
- llama-index <0.9.14 → Upgrade to 0.9.14
Additional Resources
- https://github.com/jerryjliu/llama_index/issues/7054
- https://github.com/run-llama/llama_index/commit/aa6726706476e0f957a8d57a5ca89e519e93bad7
- https://github.com/run-llama/llama_index/commit/9f3e50a803f519af9ab62e63d413441c43001d81
- https://osv.dev/vulnerability/GHSA-2xxc-73fv-36f7
- https://osv.dev/vulnerability/PYSEC-2023-148
- https://github.com/jerryjliu/llama_index
- https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2023-148.yaml
- https://nvd.nist.gov/vuln/detail/CVE-2023-39662
What are Similar Vulnerabilities to CVE-2023-39662?
Similar Vulnerabilities: CVE-2023-36281, CVE-2023-34233, CVE-2022-24765, CVE-2022-39299, CVE-2021-44228
