Arbitrary Code Execution Vulnerability in MacOS Text-To-Speech Class
CVE-2024-1880

7.8HIGH

Key Information:

Vendor: Significant-gravitas
Status: Significant-gravitas/autogpt
Vendor: CVE Published:; 6 June 2024

Summary

An OS command injection vulnerability affects the MacOS Text-To-Speech class (MacOSTTS) within the Significant Gravitas AutoGPT project. This vulnerability is present in versions up to v0.5.0 and stems from the improper handling of special characters in user-inputted text within the _speech method. By employing os.system to run shell commands based on user input, it allows for the execution of arbitrary code if an attacker injects shell commands. This risk is particularly present when the AutoGPT instance is initiated with the --speak option using the TEXT_TO_SPEECH_PROVIDER=macos configuration. The issue has been resolved in version 5.1.0, emphasizing the need for users to update their installations promptly.

Affected Version(s)

significant-gravitas/autogpt < 5.1.0

References

https://huntr.com/bounties/4e742624-8771-4f3c-9634-3eaf33...

https://github.com/significant-gravitas/autogpt/commit/26...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 6, 2024
Vulnerability Reserved
Feb 26, 2024