CVE-2021-33026
published 2021-05-13


Priority: P263, critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 7.29% (93.6th percentile)
The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the cache, and execute Python code. NOTE: a third party indicates that exploitation is extremely unlikely unless the machine is already compromised; in other cases, the attacker would be unable to write their payload to the cache and generate the required collision.

Affected

3 ranges

Vendor | Product | Version range | Fixed in
debian | flask-caching | |
flask-caching_project | flask-caching | <= 1.10.1 |
flask-caching_project | flask-caching | 0 – 1.10.1 |

Detection & IOCs (extracted from sources)

other: gASVHgAAAAAAAACMAm9zlIwGc3lzdGVtlJOUjAZ3aG9hbWmUhZRSlC4=
command: UPDATE my_cache_table SET value = 'gASVHgAAAAAAAACMAm9zlIwGc3lzdGVtlJOUjAZ3aG9hbWmUhZRSlC4=' where rowid=2;
  • Monitor cache storage backends (filesystem, Memcached, Redis, database) for unexpected writes or modifications to cached values, particularly binary/base64-encoded blobs that may represent crafted Pickle payloads.
  • Detect Pickle deserialization abuse by alerting on unexpected process spawning (e.g., shell commands like 'whoami') originating from the web application server process, which may indicate a poisoned cache entry being deserialized.
  • Inspect database cache tables (e.g., Django's DatabaseCache backend) for rows where the 'value' column contains base64-encoded data beginning with 'gASV' — the Pickle protocol 5 opcode header — as this is characteristic of crafted RCE payloads.
  • Alert on direct or indirect calls to pickle.load() within Flask-Caching (through 1.10.1) or Django cache backends (Locmem, Filebased, Database, Redis) when processing data from external/shared cache stores.
  • Exploitation requires the attacker to already have write access to the cache storage backend; exploitation is considered extremely unlikely unless the machine is already compromised or the attacker can write to the cache and generate the required key collision.
  • The Flask-Caching vulnerability affects versions through 1.10.1; all Debian tracked releases (bookworm, bullseye, forky, sid, trixie) remain open/unpatched as of the source data.
  • The Django database cache PoC uses sqlite3 on the same machine for simplicity, but the real-world risk is highest when the cache (database or Redis) runs on a separate machine/container from the Django application server.
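
One way to triage cached values for the checks listed above, as an added example that is not taken from the page's sources: it walks the pickle opcode stream with pickletools.genops, which parses without deserializing, and flags any import outside an allowlist instead of relying on a base64 prefix. The function name and the allowlist entries are assumptions; the sample value is the one listed on this page.

```python
import base64
import binascii
import pickletools

# The base64 value listed on this page; it is only parsed here, never unpickled.
PAGE_SAMPLE = "gASVHgAAAAAAAACMAm9zlIwGc3lzdGVtlJOUjAZ3aG9hbWmUhZRSlC4="

STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}
CALL_OPS = {"REDUCE", "OBJ", "NEWOBJ", "NEWOBJ_EX", "BUILD"}
# Assumption: classes this application legitimately caches; tune per deployment.
ALLOWED_IMPORTS = {("datetime", "datetime"), ("collections", "OrderedDict")}


def inspect_cached_value(value):
    """Statically list what a base64 cached pickle would import and call."""
    report = {"parsed": False, "imports": [], "calls": False, "suspicious": True}
    try:
        raw = base64.b64decode(value, validate=True)
        prev = []  # last two opcodes seen, ignoring MEMOIZE
        for op, arg, _pos in pickletools.genops(raw):
            if op.name == "MEMOIZE":
                continue
            if op.name in ("GLOBAL", "INST"):
                report["imports"].append(tuple(arg.split(" ", 1)))
            elif op.name == "STACK_GLOBAL":
                # Resolve module/name only when both were pushed as literals
                # immediately before; anything else is reported as unknown.
                literal = len(prev) == 2 and all(n in STRING_OPS for n, _ in prev)
                report["imports"].append(
                    (prev[0][1], prev[1][1]) if literal else ("?", "?"))
            elif op.name in CALL_OPS:
                report["calls"] = True
            prev = (prev + [(op.name, arg)])[-2:]
    except (binascii.Error, ValueError):
        return report  # not base64 or not a well-formed pickle: flag for review
    report["parsed"] = True
    report["suspicious"] = any(i not in ALLOWED_IMPORTS for i in report["imports"])
    return report


if __name__ == "__main__":
    print(inspect_cached_value(PAGE_SAMPLE))
```

Run it over exported rows of the cache table or dumped cache keys; plain data structures produce an empty import list, so any unexpected entry is worth a closer look.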

CVSS provenance

nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P
osv | 9.8 | CRITICAL
vendor_debian | 9.8 | LOW