CVE-2024-5827
Published 2024-06-28
Priority: P181 · critical · CVSS 3.0 base score 9.8
CVSS vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
In-the-wild exploitation: VulnCheck KEV (exploited in the wild)
EPSS: 3.45% (87.5th percentile)
Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents ``. This can lead to command execution or the creation of backdoors.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vanna-ai | vanna-ai_vanna | unspecified – latest | — |
Detection & IOCs (extracted from sources)
URL: /api/v0/generate_sql?question=What%20is%20the%20content%20of%20the%20first%201000%20characters%20of%20the%20%2Fetc%2Fpasswd%20file?
- Detect exploitation attempts by monitoring POST requests to /api/v0/train containing SQL injection payloads (e.g., pg_read_file) in the 'sql' JSON field, followed by GET requests to /api/v0/generate_sql.
- Alert on HTTP 200 responses from /api/v0/generate_sql whose JSON body matches the regex 'root:.*:0:0:', which indicates successful /etc/passwd exfiltration via SQL injection.
- Monitor the filesystem for the creation of PHP webshell files (e.g., backdoor.php) in web-accessible directories as a post-exploitation indicator of CVE-2024-5827 abuse.
- The attack requires two sequential HTTP requests: (1) a training injection via POST /api/v0/train and (2) a SQL generation trigger via GET /api/v0/generate_sql. Correlate both in network logs to identify the full attack chain.
- The vulnerability is specific to Vanna v0.3.4's DuckDB integration exposed via the Flask Web APIs. The attack surface is only present when the Flask API is publicly accessible without authentication.
- Exploitation is unauthenticated (PR:N): no credentials are required to POST malicious training data to /api/v0/train, so internet-exposed instances are immediately at risk.
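The two-request chain and the response indicator from the bullets above, run over constructed log events, as an added example that is not part of this page or of the Vanna project; the event field names and the 10-minute correlation window are assumptions:

```python
"""Correlate the CVE-2024-5827 request chain in application log events.
Added example, not code from the advisory or the Vanna project. Events are
constructed records as a reverse proxy or app-level WAF might emit; the field
names (ts, src, method, path, body, status, resp) and the window are assumed."""
import re
from datetime import datetime, timedelta

TRAIN_PATH = "/api/v0/train"
GEN_PATH = "/api/v0/generate_sql"
# Training SQL that reads server files; pg_read_file is the indicator the sources cite.
INJECTED_SQL = re.compile(r"pg_read_file", re.IGNORECASE)
# A leaked /etc/passwd shows up as a root entry inside the generate_sql response.
PASSWD_LEAK = re.compile(r"root:.*:0:0:")
WINDOW = timedelta(minutes=10)

SAMPLE_EVENTS = [  # constructed sample traffic, not real logs
    {"ts": "2024-07-01T10:00:00", "src": "203.0.113.7", "method": "POST", "path": TRAIN_PATH,
     "body": {"sql": "SELECT pg_read_file('/etc/passwd', 0, 1000)"}, "status": 200, "resp": ""},
    {"ts": "2024-07-01T10:00:04", "src": "203.0.113.7", "method": "GET",
     "path": GEN_PATH + "?question=content+of+passwd", "body": {}, "status": 200,
     "resp": '{"text": "root:x:0:0:root:/root:/bin/bash\\ndaemon:x:1:1:..."}'},
    {"ts": "2024-07-01T10:05:00", "src": "198.51.100.5", "method": "POST", "path": TRAIN_PATH,
     "body": {"sql": "SELECT name FROM customers WHERE region = 'EU'"}, "status": 200, "resp": ""},
    {"ts": "2024-07-01T10:05:09", "src": "198.51.100.5", "method": "GET",
     "path": GEN_PATH + "?question=EU+customers", "body": {}, "status": 200,
     "resp": '{"text": "SELECT name FROM customers WHERE region = \'EU\'"}'},
]

def correlate(events):
    """Alert when a source POSTs injected training SQL and then calls
    generate_sql within WINDOW, and when a 200 response leaks /etc/passwd."""
    alerts, pending = [], {}  # pending: src -> time of its suspicious train POST
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        path = ev["path"].split("?", 1)[0]  # drop the query string
        if ev["method"] == "POST" and path == TRAIN_PATH:
            if INJECTED_SQL.search(str(ev.get("body", {}).get("sql", ""))):
                pending[ev["src"]] = ts
        elif ev["method"] == "GET" and path == GEN_PATH:
            start = pending.pop(ev["src"], None)
            if start is not None and ts - start <= WINDOW:
                alerts.append({"rule": "train_then_generate", "src": ev["src"], "ts": ev["ts"]})
            if ev["status"] == 200 and PASSWD_LEAK.search(ev.get("resp", "")):
                alerts.append({"rule": "passwd_leak", "src": ev["src"], "ts": ev["ts"]})
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert)
```

The benign source that trains ordinary SQL and then calls generate_sql produces no alert, so the rule keys on the injected training content rather than on the endpoint pair alone.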
CVSS provenance
NVD (v3.0): 9.8 CRITICAL, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VulnCheck: 9.8 CRITICAL
Red Hat (vendor_redhat): 7.8 HIGH
GHSA
GHSA-c89v-fg7j-r5qj: Vanna v0 (ghsa_unreviewed · 2024-06-29): CVE-2024-5827 [CRITICAL], CWE-434. Description as in the NVD entry above.
VulnCheck
Vanna DuckDB Integration SQL Injection Vulnerability (vulncheck · 2024 · CVSS 9.8): CVE-2024-5827 [CRITICAL]. Description as in the NVD entry above.
Affected: Vanna-ai Vanna
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-12-05&host_type=src&vulnerability=cve-2024-5827; https://dashboard.shadowserver.org/statistics/honeypot/vulnera
Red Hat (this entry is for CVE-2024-50293, a different vulnerability)
kernel: net/smc: do not leave a dangling sk pointer in __smc_create() (vendor_redhat · 2024-11-19 · CVSS 7.8): CVE-2024-50293 [HIGH]
In the Linux kernel, the following vulnerability has been resolved:
net/smc: do not leave a dangling sk pointer in __smc_create()
Thanks to commit 4bbd360a5084 ("socket: Print pf->create() when it does not clear sock->sk on failure."), syzbot found an issue with AF_SMC:
smc_create must clear sock->sk on failure, family: 43, type: 1, protocol: 0
WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563
Modules linked in:
CPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563
Code: 03 00 74 08 4c 89 e7 e8 4f
No detection rules found.
Nuclei
Vanna - SQL injection (nuclei · CVSS 9.8): CVE-2024-5827 [CRITICAL]. Description as in the NVD entry above.
Template:
id: CVE-2024-5827
info:
  name: Vanna - SQL injection
  author: olfloralo,nukunga,harksu,nechyo,gy741
  severity: critical
  description: |
    Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents ``. This can lead to command execution or the creation of backdoors.