Remote Code Execution via Prompt Injection in vanna-ai/vanna
CVE-2024-5826

9.8CRITICAL

Key Information:

Vendor: Vanna-ai
Status: Vanna-ai/vanna
Vendor: CVE Published:; 27 June 2024

What is CVE-2024-5826?

The Vanna AI product experiences a vulnerability allowing for remote code execution due to prompt injection within the vanna.ask function. This issue stems from an absence of sandboxing when executing code generated by language models. As a result, untrusted input can manipulate the code executed through the exec function in src/vanna/base/base.py. An attacker can exploit this vulnerability to achieve remote code execution on the backend server of the application, which may lead to full server compromise.

Affected Version(s)

vanna-ai/vanna <= unspecified

References

https://huntr.com/bounties/90620087-44ac-4e43-b659-3c5d30...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 27, 2024

Vanna-ai

What is CVE-2024-5826?

Affected Version(s)

References

CVSS V3.1

Timeline