Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-37273 PoC — Auto-GPT 代码注入漏洞

Source
https://github.com/gdesantis01/instructions-summarizing
Associated Vulnerability
Title:Auto-GPT 代码注入漏洞 (CVE-2023-37273)
Description:Auto-GPT是Significant Gravitas开源的一个人工智能软件代理程序。 Auto-GPT 0.4.3之前版本存在代码注入漏洞,该漏洞源于位于存储库根目录中的 docker-compose.yml 文件将自身安装到 docker 容器中,且没有写保护,如果通过和命令执行恶意自定义 python 代码,它可以覆盖 docker-compose.yml 文件并在下次 Auto-GPT 启动时来获得对主机系统的控制。
Description
Site containing info useful for demonstrate CVE-2023-37273
Readme
# instructions-summarizing
Site containing info useful for demonstrate CVE-2023-37273
File Snapshot

 [4.0K]  /data/pocs/372efef6ccf01199efdab24c4f4df2bab7c2b2fc
├── [ 108]  access2.py
├── [ 784]  access.py
├── [ 534]  index2.html
├── [ 432]  index3.html
├── [ 429]  index4.html
├── [ 531]  index.html
└── [  86]  README.md

0 directories, 7 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.