Bypassing Shell Commands Denylist Settings with Modified Path
CVE-2024-6091

9.8CRITICAL

Key Information:

Vendor: Significant-gravitas
Status: Significant-gravitas/autogpt
Vendor: CVE Published:; 11 September 2024

🔔 Create Significant-gravitas Vulnerability Alert

What is CVE-2024-6091?

A vulnerability present in version 0.5.1 of the Autogpt application by Significant Gravitas allows attackers to bypass configured denylist settings meant to restrict specific shell commands. Although the denylist aims to block potentially harmful commands such as 'whoami', attackers can execute these commands through alternate paths, for example, by using the syntax '/bin/./whoami', which the denylist does not identify. This circumvention can lead to unauthorized access and execution of commands that are meant to be restricted, thereby posing a serious risk to application integrity and user data.

Affected Version(s)

significant-gravitas/autogpt < 0.5.1

References

https://huntr.com/bounties/8a742c13-bb5e-4bc9-8b86-049d8a...

https://github.com/significant-gravitas/autogpt/commit/ef...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2024
Vulnerability Reserved
Jun 17, 2024