CVE-2025-53927
4.6
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the shutil.copy2 method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| 1Panel-dev | MaxKB | < 2.0.0 | affected |
Weaknesses
- CWE-94: CWE-94: Improper Control of Generation of Code ('Code Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
References
- https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4
- https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.