Command injection in get_online_pass_interval
Description
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
PaddlePaddle before 2.6.0 contains a command injection in get_online_pass_interval, allowing arbitrary OS command execution.
Vulnerability
Overview
CVE-2023-52310 is a command injection vulnerability in PaddlePaddle, an open-source deep learning platform. The flaw resides in the get_online_pass_interval function within the fleet_util module, specifically in paddle/incubate/distributed/fleet/fleet_util.py. The function fails to sanitize user-supplied arguments such as days and hours, allowing an attacker to inject arbitrary operating system commands. This is a classic case of improper neutralization of special elements used in an OS command (CWE-78). [1][4]
Exploitation
An attacker can exploit this vulnerability by passing maliciously crafted strings to the days or hours parameters of get_online_pass_interval. For example, as shown in the advisory, setting hours="9;touch /home/test/aaaa" causes the injected touch command to be executed. No special privileges are required beyond access to the vulnerable function. The attack is demonstrated locally via the PaddlePaddle Python API, and the function does not validate or sanitize the input before passing it to a shell operation. [4]
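The root cause described above is that a user-controlled string is concatenated into a shell command (`os.popen("echo -n " + days)`, visible in the fix diff on this page). The following is an added example, not PaddlePaddle's code and not part of the advisory: it shows a shell-free replacement for that parsing step. It assumes the calling convention PaddlePaddle documents upstream, where days and hours are given as bash-style brace ranges such as `"{0..23}"` (the reason the original shells out through `echo`); that convention is not shown on this page and is an assumption here. Anything that is not an integer or an integer range is rejected rather than interpreted, so the fix does not depend on enumerating shell metacharacters.

```python
import re

# Allowed tokens: a bare non-negative integer ("9") or a bash-style brace
# range ("{0..23}"). The brace-range form is assumed from PaddlePaddle's
# documented usage (not shown on this page); everything else is rejected.
_INT = re.compile(r"\d+")
_RANGE = re.compile(r"\{(\d+)\.\.(\d+)\}")


def expand_spec(spec: str, name: str, max_items: int = 10_000) -> list[str]:
    """Expand a days/hours specification in pure Python, no shell involved.

    Examples:  "9"  -> ["9"]      "{0..3}" -> ["0", "1", "2", "3"]
               "{20230103..20230101}" -> ["20230103", "20230102", "20230101"]
    A token that is neither an integer nor an integer range raises
    ValueError, so shell metacharacters are only ever rejected, never
    interpreted. This replaces os.popen("echo -n " + spec).read().split(" ")
    from the vulnerable function.
    """
    if not isinstance(spec, str):
        raise TypeError(f"{name} must be a str, got {type(spec).__name__}")
    out: list[str] = []
    for token in spec.split():          # whitespace-separated, like echo's output
        if _INT.fullmatch(token):
            out.append(token)
            continue
        m = _RANGE.fullmatch(token)
        if m is None:
            raise ValueError(f"{name}: unsupported token {token!r}")
        lo, hi = int(m.group(1)), int(m.group(2))
        if abs(hi - lo) + 1 > max_items:
            raise ValueError(f"{name}: range {token!r} exceeds {max_items} items")
        step = 1 if lo <= hi else -1    # bash expands descending ranges too
        out.extend(str(i) for i in range(lo, hi + step, step))
    if not out:
        raise ValueError(f"{name} must contain at least one value")
    if len(out) > max_items:
        raise ValueError(f"{name}: too many values")
    return out


def is_valid_spec(spec: str) -> bool:
    """True if expand_spec would accept `spec`; usable as an input gate."""
    try:
        expand_spec(spec, "spec")
    except (TypeError, ValueError):
        return False
    return True


def parse_pass_inputs(days: str, hours: str, split_interval, split_per_pass):
    """Shell-free equivalent of the first four statements of
    get_online_pass_interval as they appear in the fix diff on this page."""
    return (
        expand_spec(days, "days"),
        expand_spec(hours, "hours"),
        int(split_interval),
        int(split_per_pass),
    )


if __name__ == "__main__":
    # Constructed sample inputs in the assumed brace-range convention.
    print(parse_pass_inputs("{20190720..20190722}", "{0..23}", 5, 2))
    # The advisory's proof-of-concept string is rejected, never executed.
    print(is_valid_spec("9;touch /home/test/aaaa"))  # False
```

Because the parser never hands the string to a shell, there is no character list to keep complete, and the `max_items` cap also prevents a very wide range from exhausting memory, a failure mode the shell version shares.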
Impact
Successful exploitation allows an attacker to execute arbitrary commands on the underlying operating system with the privileges of the PaddlePaddle process. This can lead to full system compromise, including unauthorized data access, modification, or further lateral movement within the environment. The impact is critical, as it bypasses any sandboxing provided by the framework. [2][4]
Mitigation
The vulnerability is patched in PaddlePaddle version 2.6.0. The fix is contained in multiple commits: 1aae481dfd7d2055c801563e254f1484b974b68e, c62d87eb91c84154af40946f17205d86f608866b, and f8560c903c80450e37b8f304a9cd8207678f2f83. Users are strongly advised to upgrade to PaddlePaddle 2.6.0 or later. As of the publication date, there is no evidence of exploitation in the wild, but the advisory from Baidu and Huntr.com notes that the vulnerability was responsibly disclosed. [1][2][4]
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| PaddlePaddle (PyPI) | < 2.6.0 | 2.6.0 |
Affected products
- PaddlePaddle/PaddlePaddle
Patches
- 49bec1760535 fix fleetutil get_online_pass_interval bug (#60023)
1 file changed · +16 −0
python/paddle/incubate/distributed/fleet/fleet_util.py+16 −0 modified@@ -1317,7 +1317,23 @@ def get_online_pass_interval( ... is_data_hourly_placed=False) """ + assert ( + "|" not in days + and ";" not in days + and "\\" not in days + and "/" not in days + and "(" not in days + and ")" not in days + ), r"days should not contain [|,;,\,/,(,)]" days = os.popen("echo -n " + days).read().split(" ") + assert ( + "|" not in hours + and ";" not in hours + and "\\" not in hours + and "/" not in hours + and "(" not in hours + and ")" not in days + ), r"hours should not contain [|,;,\,/,(,)]" hours = os.popen("echo -n " + hours).read().split(" ") split_interval = int(split_interval) split_per_pass = int(split_per_pass)
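Review bot: the second assert has a copy-paste error in its last clause, `")" not in days` should be `")" not in hours`, so a closing parenthesis in `hours` is never rejected. More fundamentally, both `os.popen("echo -n " + days)` and `os.popen("echo -n " + hours)` are left in place, so the string still reaches a shell and the six-character denylist is not a complete set of shell metacharacters; the durable fix is to drop the shell and expand the expected token format in Python, or at least validate against an allowlist of exactly the characters that format needs. Also, `assert` is removed under `python -O`, so it should not be the only check on untrusted input; raise `ValueError` explicitly instead.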
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-j5h9-9r39-43q5 (GHSA, advisory)
- nvd.nist.gov/vuln/detail/CVE-2023-52310 (GHSA, advisory)
- github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-019.md (GHSA, web)
- github.com/PaddlePaddle/Paddle/commit/49bec176053595975c1941cff9749c55f7203ea9 (GHSA, web)
- github.com/pypa/advisory-database/tree/main/vulns/paddlepaddle/PYSEC-2024-142.yaml (GHSA, web)
News mentions
No linked articles in our index yet.