A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path traversal vulnerabilities. This can result in arbitrary files being written to any directory in the victim's local file system, potentially leading to remote code execution.
The vulnerability concerns the tar.gz file handling mechanism in the plugin server (plugin_server) within the LightningApp application. An attacker can prepare a malicious tar.gz archive containing files with paths containing path traversal sequences (e.g., '../'). When LightningApp processes such a file through the /v1/runs endpoint, malicious files are extracted outside the intended target directory and can reach arbitrary locations in the victim's file system. Placing appropriate executable or configuration files in critical locations can lead to remote code execution.
An attacker can write arbitrary files to any directory in the victim's local file system, which may lead to remote code execution (RCE) and complete system compromise.
Apply the patch available in the vendor's repository (commit 330af381de88cff17515418a341cbc1f9f127f9a on GitHub). It is recommended to update to a version containing the specified fix. Until an update is applied, consider disabling the plugin_server feature or restricting network access to the /v1/runs endpoint.
lightning-ai/pytorch-lightning in version v2.2.4 when LightningApp application runs with plugin_server enabled
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLightningai Pytorch Lightning
APPLightningai2.2.4 – 2.3.3 (bez)
Related vulnerabilities
PyTorch Lightning – mechanizm harvesting poświadczeń (Embedded Malicious Code)
RCE przez upload pliku w PyTorch Lightning (Windows) – CVE-2024-8019
RCE w pytorch-lightning przez podatną deserializację obiektów deepdiff
Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0.
PyTorch-Lightning versions 2.6.0 and earlier contain an insecure deserialization vulnerability (CWE-502) in th...