A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific dangerous parameters. An attacker can bypass these controls by switching the JDBC URL protocol to jdbc:postgresql: and exploiting PostgreSQL JDBC driver-specific parameters such as socketFactory and socketFactoryArg. This allows unauthenticated attackers to execute arbitrary code on the H2O-3 server with the privileges of the H2O-3 process. The issue is resolved in version 3.46.0.10.
The security mechanism in H2O-3 applies a blacklist of dangerous JDBC parameters, however it is only directed against the MySQL driver. An attacker can bypass this control by changing the JDBC URL protocol from jdbc:mysql: to jdbc:postgresql:, and then exploiting parameters specific to the PostgreSQL JDBC driver, such as socketFactory and socketFactoryArg. The /99/ImportSQLTable endpoint does not require authentication, which means the exploit is available to anyone who can connect to the server. As a result, it is possible to load and execute arbitrary code in the context of the H2O-3 process.
An unauthenticated attacker can execute arbitrary code on the H2O-3 server with the privileges of the H2O-3 process, which may lead to complete server compromise, data theft, and further lateral movement in the network.
H2O-3 should be updated to version 3.46.0.10, in which the issue has been resolved. If immediate update is not possible, it is recommended to restrict network access to the /99/ImportSQLTable endpoint using a firewall or network rules so that it is accessible only from trusted IP addresses.
H2O-3 version 3.46.0.9 and all earlier versions
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HH2o
APPH2O< 3.46.0.10
Related vulnerabilities
Deserializacja w H2O umożliwia RCE i odczyt plików systemowych
RCE poprzez deserializację w REST API h2oai/h2o-3 (JDBC URL)
H2O.ai H2O — RCE i odczyt plików przez niekontrolowany JDBC URL
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO mode...
A vulnerability in the `/3/ParseSetup` endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service...