Remote Code Execution in create_conda_env function in parisneo/lollms
Description
A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the env_name and python_version parameters. This issue could lead to a serious security breach as demonstrated by the ability to execute the 'whoami' command among potentially other harmful commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A remote code execution vulnerability in lollms v5.9.0 allows command injection via shell=True in subprocess.Popen.
Vulnerability Description
The vulnerability resides in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The function uses subprocess.Popen with shell=True, which enables shell command injection. An attacker can inject arbitrary commands through the env_name and python_version parameters, leading to remote code execution [1].
Exploitation Conditions
No authentication is required if the function is exposed via an API. The attacker needs to control the input values for env_name or python_version, which are typically provided by the user. The exploit can be triggered by sending crafted HTTP requests to the service endpoint that calls create_conda_env [1].
Impact
Successful exploitation allows an attacker to execute arbitrary OS commands on the server. This could lead to data exfiltration, lateral movement, or complete compromise of the affected system. The example given demonstrates execution of the 'whoami' command, proving code execution capability [1].
Mitigation Status
As of the publication date, version 5.9.0 is affected. The issue was reported via the Huntr bug bounty platform [3]. Users should update to a patched version if available, or avoid exposing the vulnerable function to untrusted input. No official patch has been confirmed at this time.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
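To make the mechanism and the fix concrete, here is an added illustration that is not lollms' own code: the shell=True string-building pattern the advisory describes, beside a hardened form that allow-lists both parameters and passes an argv list with no shell. The function and regex names are assumptions; only the Popen/shell=True pattern and the two tainted parameters come from the advisory.

```python
import re
import subprocess
from typing import Callable, List

# Constructed illustration, not lollms' own code. Names below are assumptions;
# only the shell=True/Popen pattern and the two tainted parameters
# (env_name, python_version) come from the advisory.

_ENV_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_.-]{0,63}$")
_PY_VERSION_RE = re.compile(r"^3\.\d{1,2}(?:\.\d{1,2})?$")


def build_vulnerable_command(env_name: str, python_version: str) -> str:
    """The unsafe pattern the advisory describes: both parameters are pasted into
    one string that subprocess.Popen(cmd, shell=True) would hand to /bin/sh, so
    any shell metacharacter in them becomes part of the command line. Returned
    as a string here so the example never spawns a shell."""
    return f"conda create -y -n {env_name} python={python_version}"


def is_valid_env_name(env_name: str) -> bool:
    """Allow-list check: a conda environment name needs only letters, digits,
    '_', '.' and '-', leaving no room for quoting, separators or substitution."""
    return _ENV_NAME_RE.fullmatch(env_name) is not None


def is_valid_python_version(python_version: str) -> bool:
    """Allow-list check for a 'major.minor[.patch]' CPython 3 version string."""
    return _PY_VERSION_RE.fullmatch(python_version) is not None


def build_safe_argv(env_name: str, python_version: str) -> List[str]:
    """Hardened form: validate both inputs, then build an argv list so each
    value reaches conda as exactly one argument and no shell is involved."""
    if not is_valid_env_name(env_name):
        raise ValueError(f"rejected conda env name: {env_name!r}")
    if not is_valid_python_version(python_version):
        raise ValueError(f"rejected python version: {python_version!r}")
    return ["conda", "create", "-y", "-n", env_name, f"python={python_version}"]


def create_conda_env_hardened(env_name: str, python_version: str,
                              run: Callable[..., object] = subprocess.run) -> object:
    """Drop-in shape for a fixed function: shell=False, argv list, check=True.
    'run' is injectable so callers (and tests) can avoid invoking conda."""
    argv = build_safe_argv(env_name, python_version)
    return run(argv, shell=False, check=True, capture_output=True, text=True)
```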
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| lollms (PyPI) | <= 9.5.1 | — |
Affected products
- parisneo/lollms v5 (range: unspecified)
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.