Description
A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by crafting input that does not contain an underscore but still results in the execution of OS commands. The vulnerability allows for remote code execution (RCE) on the server hosting the application.
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://huntr.com/bounties/9b32490e-7cf9-470e-8d49-ba083ae7a279
Scores
CVSS v3
9.8
EPSS
0.0124
EPSS Percentile
79.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-77
Status
published
Products (2)
llamaindex/llamaindex
0.10.6 - 0.10.26
pypi/llama-index-core
0 - 0.10.24PyPI
Published
Apr 16, 2024
Tracked Since
Feb 18, 2026