[Bug]Vulnerability was found in penetration test, please fix it

[Eugenprpr]

Contact Information

No response

MaxKB Version

v1.10.6-lts

Problem Description

渗透测试发现漏洞

Steps to Reproduce

1.https://。。。
漏洞描述：代码注入
危险等级：高危
漏洞危害：注入恶意代码，获取各类信息等。
漏洞点：
Maxkb函数库
Python的代码注入 目前可用urllib os sys探测url 查看 删除文件 命令执行权限较低没法执行

import urllib.request
print(urllib.request.urlopen('https://。。。').read())
urllib函数 可以判断端口是否开放
命令执行 但是权限低没法执行
import subprocess
def runcmd():
result = subprocess.run(['ls', '-l'], capture_output=True, text=True)
print(result.stdout)
return result.stdout

删除文件
import os
os.remove('/tmp/file.txt')

处置建议：目前权限较低，只能执行很简单的代码，但还是有危害，建议低权限用户禁止使用函数库。

2.系统域名：https://。。。/doc/chat/
漏洞描述：Swagger未授权访问
危险等级：中危
漏洞验证：https://。。。/doc/chat/
处置建议：添加鉴权。

3.系统域名：https://。。。/api/dataset/web
漏洞描述：Ssrf
漏洞验证：Ssrf端口探测
探测8081端口 直接报错
8080端口成功
处置建议：也是危害较小，建议低权限用户禁用知识库的权限。

The expected correct result

No response

Related log output

Additional Information

No response

[shaohuzhang1]

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

---

Contact Information

No response

MaxKB Version

v1.10.6-lts

Problem Description

Penetration tests find vulnerabilities

Steps to Reproduce

1.https://. . .
Vulnerability Description: Code Injection
Hazard level: High risk
Vulnerability hazards: inject malicious code, obtain various information, etc.
Vulnerability points:
Maxkb function library
Python code injection Currently you can use urllib os sys probe url to view Delete file command execution permissions are low and cannot be executed

import urllib.request
print(urllib.request.urlopen('https://...').read())
urllib function can determine whether the port is open
Command execution, but low permissions cannot be executed
import subprocess
def runcmd():
result = subprocess.run(['ls', '-l'], capture_output=True, text=True)
print(result.stdout)
return result.stdout

Delete files
import os
os.remove('/tmp/file.txt')

Disposal suggestions: Currently, the permissions are low and can only execute very simple code, but they are still harmful. It is recommended that users with low permissions prohibit using the function library.

2. System domain name: https://. . . /doc/chat/
   Vulnerability Description: Swagger Unauthorized Access
   Hazard level: Medium risk
   Vulnerability verification: https://. . . /doc/chat/
   Disposal suggestions: Add authentication.

3. System domain name: https://. . . /api/dataset/web
   Vulnerability Description: Ssrf
   Vulnerability Verification: Ssrf Port Detection
   Detect port 8081 and report an error directly
   Port 8080 succeeds
   Disposal suggestions: It is also less harmful. It is recommended that users with low permissions disable the permissions of the knowledge base.

The expected correct result

No response

Related log output

Additional Information

No response

[liqiang-fit2cloud]

感谢反馈，回复如下。

1.https://。。。 漏洞描述：代码注入 危险等级：高危 漏洞危害：注入恶意代码，获取各类信息等。 漏洞点： Maxkb函数库 Python的代码注入 目前可用urllib os sys探测url 查看 删除文件 命令执行权限较低没法执行

import urllib.request print(urllib.request.urlopen('https://。。。').read()) urllib函数 可以判断端口是否开放 命令执行 但是权限低没法执行 import subprocess def runcmd(): result = subprocess.run(['ls', '-l'], capture_output=True, text=True) print(result.stdout) return result.stdout

函数库的主要使用场景之一是调用其他服务，使用urllib是必须的。
OS级别的cmd都已禁用。

删除文件 import os os.remove('/tmp/file.txt')

系统开放了部分目录，允许函数库里的代码临时在本地存取处理文件。

2.系统域名：https://。。。/doc/chat/ 漏洞描述：Swagger未授权访问 危险等级：中危 漏洞验证：https://。。。/doc/chat/ 处置建议：添加鉴权。

对话的本来就是匿名的，所以对话接口调用和对话接口swagger文档也都是匿名的。

3.系统域名：https://。。。/api/dataset/web 漏洞描述：Ssrf 漏洞验证：Ssrf端口探测 探测8081端口 直接报错 8080端口成功 处置建议：也是危害较小，建议低权限用户禁用知识库的权限。

这个是创建web知识库的接口，会触发爬虫爬取web内容。

所有以上均不视为漏洞。

[shaohuzhang1]

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

---

Thanks for the feedback, reply as follows.

1.https://. . . Vulnerability description: Code injection Hazard level: High risk Vulnerability hazard: Inject malicious code, obtain various information, etc. Vulnerability point: Maxkb function library Python code injection Currently available urllib os sys probe url view Delete file command execution permissions are low and cannot be executed

import urllib.request print(urllib.request.urlopen('https://...').read()) urllib function can determine whether the port is open. Command execution, but low permissions cannot be executed. import subprocess def runcmd(): result = subprocess.run(['ls', '-l'], capture_output=True, text=True) print(result.stdout) return result.stdout

One of the main usage scenarios of function libraries is to call other services, and using urllib is necessary.

Delete file import os os.remove('/tmp/file.txt')

The system has opened some directories, allowing the code in the function library to temporarily access processing files locally.

2. System domain name: https://. . . /doc/chat/ Vulnerability Description: Swagger Unauthorized Access Hazard Level: Medium Danger Vulnerability Verification: https://. . . /doc/chat/ Disposal suggestions: Add authentication.

The swagger document has authentication enabled by default. Only users who have been logged in can access it. Please check your own environment.

3. System domain name: https://. . . /api/dataset/web Vulnerability description: Ssrf Vulnerability verification: Ssrf port detection Detection of port 8081 directly reported an error Port 8080 successfully Disposal suggestions: It is also less harmful, and it is recommended that low-privileges users disable the permissions of the knowledge base.

This is an interface to create a web knowledge base, which will trigger crawlers to crawl web content.

All of the above are not considered vulnerabilities.