CVE-2024-0195

Description

A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.

Artificial Intelligence Decryption

CVE-2024-0195 is a critical vulnerability identified in spider-flow version 0.4.3, specifically affecting the FunctionService.saveFunction method found in FunctionController.java. The vulnerability arises from insufficient input validation in this function, which allows attackers to inject arbitrary code. This type of vulnerability is particularly dangerous because it can give attackers the ability to manipulate the application’s execution by inserting and executing unauthorized code. Since spider-flow is often used in automation and workflow tasks, this kind of control could allow attackers to hijack processes, manipulate workflows, and compromise sensitive data.

The vulnerability can be exploited remotely, which means that attackers do not require physical access to the server running spider-flow. Instead, they can exploit the issue over a network connection, making this vulnerability highly attractive for malicious actors seeking to attack web applications or services. The public disclosure of the exploit increases the risk, as potential attackers can study and leverage this information to craft specific attacks targeting organizations or individuals who have not yet applied a fix or patch. The fact that the exploit has been made publicly available amplifies the urgency for affected parties to address the issue.

In terms of potential impact, code injection vulnerabilities like CVE-2024-0195 can allow attackers to execute arbitrary commands, gain unauthorized access to system resources, or further exploit the environment by introducing additional payloads, such as malware or ransomware. Given its classification as "critical," the vulnerability poses a significant risk to the integrity, confidentiality, and availability of systems running vulnerable versions of spider-flow. It is recommended that organizations using spider-flow 0.4.3 promptly upgrade to a patched version or implement other security measures, such as input sanitization, to mitigate the risk.

NVD
CVE ID: CVE-2024-0195
Base Score: 9.8
Base Severity: CRITICAL
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9

VulDB
CVE ID: CVE-2024-0195
Base Score: 6.3
Base Severity: MEDIUM
Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Impact Score: 3.4
Exploitability Score: 2.8

Proof Of Concept

Nuclei Templates for CVE-2024-0195
Cappricio-Securities

SpiderFlow Crawler Platform - Remote Code Execution

Reference: GitHub

fa-rrel

CVE-2024-0195 Improper Control of Generation of Code ('Code Injection')

Reference: GitHub

MuhammadWaseem29

Reference: GitHub

hack-with-rohit

Reference: GitHub

Reference: NVD, MITRE