CVE-2023-37273 PoC — Docker escape in Auto-GPT when running from docker-compose.yml included in git repo

Source

https://github.com/gdesantis01/instructions-summarizing

Associated Vulnerability

Title:Docker escape in Auto-GPT when running from docker-compose.yml included in git repo (CVE-2023-37273)
Description:Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. Running Auto-GPT version prior to 0.4.3 by cloning the git repo and executing `docker compose run auto-gpt` in the repo root uses a different docker-compose.yml file from the one suggested in the official docker set up instructions. The docker-compose.yml file located in the repo root mounts itself into the docker container without write protection. This means that if malicious custom python code is executed via the `execute_python_file` and `execute_python_code` commands, it can overwrite the docker-compose.yml file and abuse it to gain control of the host system the next time Auto-GPT is started. The issue has been patched in version 0.4.3.

Description

Site containing info useful for demonstrate CVE-2023-37273

Readme

# instructions-summarizing
Site containing info useful for demonstrate CVE-2023-37273

File Snapshot


 [4.0K]  /data/pocs/372efef6ccf01199efdab24c4f4df2bab7c2b2fc
├── [ 108]  access2.py
├── [ 784]  access.py
├── [ 534]  index2.html
├── [ 432]  index3.html
├── [ 429]  index4.html
├── [ 531]  index.html
└── [  86]  README.md

0 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!