Missing authentication on dangerous API endpoint
The flaw is rather straightforward and stems from the fact that one API endpoint called /api/v1/validate/code had missing authentication checks and passed code to the Python exec function. However, it didn’t run exec directly on functions, but on function definitions, which make functions available for execution but don’t execute their code.
Because of this, the Horizon3.ai researchers had to come up with an alternative exploitation method leveraging a Python feature called decorators, which “are functions that return functions that wrap other functions.”
The proof-of-concept published by Horizon3.ai on April 9 leverages decorators to achieve remote code execution, but the researchers note that a third-party researcher also achieved the same by abusing another feature of Python functions called default arguments.
