CVE-2024-28189
published 2024-04-18


Priority: P272 · Severity: critical · CVSS 3.1 base score: 10 (vector AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploit: public exploit available
EPSS: 7.21% (93.5th percentile)
Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (symlink) to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside of the sandbox. This vulnerability is not impactful on its own, but it can be used to bypass the patch for CVE-2024-28185 and obtain a complete sandbox escape. This vulnerability is fixed in 1.13.1.

Detection & IOCs (extracted from sources)

URL: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/judge0_sandbox_escape_cve_2024_28189.rb
Affected versions: Judge0 < 1.13.1
  • Monitor for symbolic link (symlink) creation inside the Judge0 sandbox directory pointing to files outside the sandbox boundary.
  • Detect execution of the UNIX `chown` command on untrusted or user-supplied files within the Judge0 sandbox environment, especially where the target resolves via a symlink to a path outside the sandbox.
  • Treat this vulnerability as a CVE-2024-28185 patch bypass; alert on sandbox escape attempts that chain symlink abuse with arbitrary file writes leading to code execution outside the sandbox.
  • A public Metasploit exploit module exists for this CVE targeting Linux HTTP services; monitor for exploitation attempts against Judge0 HTTP endpoints.
  • This vulnerability is only impactful when chained with CVE-2024-28185; on its own it does not yield a full sandbox escape.
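The two monitoring points above (symlinks inside the sandbox that resolve outside it, and chown applied to untrusted files) reduce to two checks. The following is an added example and not Judge0's own code: it lists symlinks under a sandbox directory whose target lies outside the boundary, and it applies chown only through a descriptor opened with O_NOFOLLOW so a symlink is never followed; the directory layout it builds is constructed in a temporary directory and stands in for a real submission.

```python
import os
import tempfile
from pathlib import Path


def escaping_symlinks(sandbox_root):
    """List symlinks under sandbox_root whose final target resolves outside it."""
    root = Path(sandbox_root).resolve()
    found = []
    for dirpath, dirnames, filenames in os.walk(root):  # never descends into dir symlinks
        for name in dirnames + filenames:
            link = Path(dirpath) / name
            if link.is_symlink():
                target = link.resolve()  # follows the whole symlink chain
                if target != root and root not in target.parents:
                    found.append(str(link))
    return found


def safe_chown(path, uid, gid, sandbox_root):
    """chown a sandbox file without following symlinks; True if applied, False if refused."""
    root = Path(sandbox_root).resolve()
    real = Path(path).resolve()
    if real != root and root not in real.parents:
        return False  # an intermediate or final symlink resolves outside the sandbox
    try:
        # O_NOFOLLOW fails with ELOOP when the final component is a symlink,
        # so the check and the chown operate on the same opened object.
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    except OSError:
        return False
    try:
        os.fchown(fd, uid, gid)  # acts on the descriptor, not on a re-resolved path
    finally:
        os.close(fd)
    return True


def demo():
    """Constructed layout: one real source file, one internal link, one escaping link."""
    outside = tempfile.NamedTemporaryFile(delete=False)  # stands in for a host file
    outside.close()
    sandbox = tempfile.mkdtemp()
    Path(sandbox, "main.c").write_text("int main(void) { return 0; }\n")
    os.symlink(Path(sandbox, "main.c"), Path(sandbox, "inside.lnk"))
    os.symlink(outside.name, Path(sandbox, "escape.lnk"))
    uid = gid = -1  # -1 leaves owner and group unchanged, so the demo needs no root
    return {
        "escaping": escaping_symlinks(sandbox),
        "chown_regular": safe_chown(Path(sandbox, "main.c"), uid, gid, sandbox),
        "chown_inside_link": safe_chown(Path(sandbox, "inside.lnk"), uid, gid, sandbox),
        "chown_escape_link": safe_chown(Path(sandbox, "escape.lnk"), uid, gid, sandbox),
    }
```

Running `demo()` reports the escaping link and refuses chown on both symlinks while applying it to the regular file; in a real deployment the scan would run over the submission directory before any privileged file operation.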