CVE-2023-29017

CRITICAL

vm2 <3.9.15 - Remote Code Execution

Exploitation Summary

EIP tracks 3 public exploits for CVE-2023-29017. PoCs published by timb-machine-mirrors, GabrieleDattile, passwa11.

AI-analyzed exploit summary: The repository contains two functional exploit scripts for CVE-2023-29017, a sandbox escape vulnerability in vm2. Both scripts leverage prototype pollution and constructor manipulation to bypass the sandbox and execute arbitrary commands (e.g., 'touch flag').

Description

vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds.

Exploits (3)

nomisec WORKING POC 2 stars
by timb-machine-mirrors · poc
https://github.com/timb-machine-mirrors/seongil-wi-CVE-2023-29017

The repository contains two functional exploit scripts for CVE-2023-29017, a sandbox escape vulnerability in vm2. Both scripts leverage prototype pollution and constructor manipulation to bypass the sandbox and execute arbitrary commands (e.g., 'touch flag').

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: vm2 version 3.9.14
No auth needed
Prerequisites: Node.js environment with vm2 version 3.9.14 installed
devstral-2 · analyzed Feb 19, 2026

github WORKING POC
by GabrieleDattile · python · poc
https://github.com/GabrieleDattile/cve-pocs/tree/main/CVE/CVE-2023-29017

The repository contains a functional PoC for CVE-2023-29017, demonstrating a reverse shell exploit using the 'vm2' library. The code includes a sandbox escape mechanism to execute arbitrary commands.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: vm2 (Node.js sandbox library)
No auth needed
Prerequisites: Node.js environment with 'vm2' library installed
devstral-2 · analyzed Feb 27, 2026

nomisec WORKING POC
by passwa11 · poc
https://github.com/passwa11/CVE-2023-29017-reverse-shell

This repository contains a functional proof-of-concept exploit for CVE-2023-29017, leveraging a sandbox escape in the 'vm2' library to execute arbitrary commands via a reverse shell. The exploit manipulates the `Error.prepareStackTrace` function to spawn a reverse shell to a specified IP and port.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: vm2 library (versions prior to 3.9.16)
No auth needed
Prerequisites: Target system running vulnerable version of vm2 library · Network connectivity to attacker-controlled IP/port
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3: 10.0
EPSS: 0.7065
EPSS Percentile: 98.7%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Source: Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

CWE: CWE-913
Status: published
Products (2):
npm/vm2 0 - 3.9.15 (npm)
vm2_project/vm2 < 3.9.15
Published: Apr 06, 2023
Tracked Since: Feb 18, 2026