Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: OneUptime < 10.0.18 allows executing untrusted code in the Node.js `vm` module. **Consequences**: Sandbox escape, Remote Code Execution (RCE), and total cluster compromise.…
**Root Cause**: CWE-94 (Code Injection). **Flaw**: Unsafe execution of user-supplied code within the Node.js `vm` module. The sandbox is effectively broken, allowing code to break out.
**Privileges**: Full system access. **Data**: Complete cluster takeover. **Action**: Hackers can execute arbitrary commands remotely. No restrictions on what they can do once inside.
Q5 Is exploitation threshold high? (Auth/Config)
**Auth Required**: Yes. **Level**: Low Privileges (PR:L). **Access**: Network (AV:N). **UI**: None required (UI:N). **Complexity**: Low (AC:L). Easy to exploit if you have basic login access.
Q6 Is there a public Exp? (PoC/Wild Exploitation)
**Public Exploit**: No PoC provided in data. **Status**: Advisory confirmed via GitHub (GHSA-h343-gg57-2q67). **Wild Exploit**: Unknown, but severity suggests high risk if weaponized.
Q7 How to self-check? (Features/Scanning)
**Check**: Verify your OneUptime version. **Scan**: Look for Node.js `vm` module usage in custom scripts. **Feature**: Check if users can inject code into monitoring scripts.…
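An added example (not from the advisory or from OneUptime's code base) of the Q7 self-check: it compares an installed version against the fixed release 10.0.18 and flags source lines that load Node's `vm` module. The function names and the sample input are constructed for illustration, and the scan is a line-based heuristic.

```javascript
// Added example: defensive self-check helpers (not OneUptime code).
const FIXED_VERSION = "10.0.18"; // first fixed release named in this summary

// Parse "10.0.18" or "v10.0.18" into [10, 0, 18]; returns null if malformed.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  return m ? m.slice(1).map(Number) : null;
}

// True when `installed` is older than the fixed release.
// Unparseable input is reported as affected so it gets a manual look.
function isAffected(installed, fixed = FIXED_VERSION) {
  const a = parseVersion(installed);
  const b = parseVersion(fixed);
  if (!a || !b) return true;
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i];
  }
  return false; // equal to the fixed version
}

// Patterns that load Node's built-in vm module (CommonJS, ESM, dynamic import).
const VM_LOAD =
  /(?:require|import)\s*\(\s*["'`](?:node:)?vm["'`]\s*\)|from\s+["'](?:node:)?vm["']/;

// Return [{line, text}] for every line of `source` that loads the vm module.
function findVmUsage(source) {
  const hits = [];
  source.split(/\r?\n/).forEach((text, idx) => {
    const code = text.replace(/\/\/.*$/, ""); // ignore trailing line comments
    if (VM_LOAD.test(code)) hits.push({ line: idx + 1, text: text.trim() });
  });
  return hits;
}

// Constructed sample input, not taken from any real deployment.
const SAMPLE = [
  'const vm = require("node:vm");',
  "import { Script } from 'vm';",
  "// require('vm') mentioned in a comment only",
  "const vmware = require('vmware-client');",
].join("\n");

console.log(isAffected("10.0.17"), findVmUsage(SAMPLE).map((h) => h.line));
```

A hit only shows where the `vm` module is loaded; whether user-supplied code reaches it still needs a manual review of the surrounding script.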
**Fixed**: Yes. **Patch**: Upgrade to **OneUptime 10.0.18** or newer. **Source**: Official GitHub Security Advisory. Immediate update recommended.
Q9 What if no patch? (Workaround)
**Workaround**: Disable user script execution features. **Mitigation**: Restrict access to the `vm` module. **Isolate**: Segment the cluster to limit lateral movement.…