CVE-2019-17526

An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an __import__('os').popen('whoami').read() line. NOTE: the vendor's position is that the product is "vulnerable by design" and the current behavior will be retained
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
sagemathsagemathcell
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/barrett092/0380a1c34c014e29b827d1f408381525
https://github.com/sagemath/sagecell/commits/master
https://sethsec.blogspot.com/2016/11/exploiting-python-code-injection-in-web.html
https://gist.github.com/barrett092/0380a1c34c014e29b827d1f408381525
https://github.com/sagemath/sagecell/commits/master
https://sethsec.blogspot.com/2016/11/exploiting-python-code-injection-in-web.html