CVE-2023-6019 PoC — Ray 安全漏洞

Source

https://github.com/miguelc49/CVE-2023-6019-1

Associated Vulnerability

Title:Ray 安全漏洞 (CVE-2023-6019)
Description:Ray是ray-project开源的一个用于扩展 AI 和 Python 应用程序的统一框架。 Ray存在安全漏洞，该漏洞源于cpu_profile URL参数存在命令注入漏洞。攻击者可利用该漏洞运行Ray仪表板在系统上执行os命令。

Readme

# CVE-2023-6019-1

File Snapshot


 [4.0K]  /data/pocs/7b05e0201c509220984b8e7b43928148713a7e8d
├── [  33]  hello_world.py
├── [  17]  README.md
└── [  13]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!