Judge0 Security Flaw Let Attackers Run Arbitrary Code & Gain Root Access
Tanto Security has disclosed serious vulnerabilities in the widely used open-source service Judge0, which could allow attackers to perform a sandbox escape and gain root access to the host machine.
The vulnerabilities, identified as CVE-2024-29021, CVE-2024-28185, and CVE-2024-28189, pose a significant risk to the security of the service, which numerous organizations use for secure sandboxed code execution.
Judge0 is designed to run arbitrary code inside a secure environment. According to the Judge0 website, the service has 23 customers and over 300 self-hosted instances on the public Internet.
The service is also presumed to be used within many private internal networks.
The disclosed vulnerabilities have raised concerns among development and cybersecurity communities, particularly within educational institutions and talent recruitment companies that rely on Judge0 to ensure the safe execution of code.
The discovery of the vulnerabilities was made public through a detailed blog post by Tanto Security, which outlined the process of uncovering the flaws, including source code analysis and exploitation.
The investigation into Judge0's security began with a casual conversation between the researcher and a professional friend who used the platform to offload the complex task of secure code execution.
This conversation sparked the researcher's interest, prompting a deeper exploration of Judge0's mechanisms.
Certain oversights in the service's default configuration made the vulnerabilities exploitable. For instance, the default password in the Judge0 configuration file is "YourPasswordHere1234," and the deployment instructions do not explicitly instruct users to change it.
This oversight could leave many instances vulnerable if administrators did not change the default password.
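The default-password oversight described above is something an operator can check for mechanically. The following is an added example (not code from the article or from the Judge0 project): it parses an ini-style configuration fragment and flags any secret-like setting still holding the documented default value "YourPasswordHere1234" or left empty. The key names in the constructed sample (POSTGRES_PASSWORD, REDIS_PASSWORD, AUTHN_TOKEN) and the suffix-based notion of which keys are secrets are assumptions made for illustration.

```python
import re

# Constructed sample: an ini-style configuration fragment with the shipped
# default password still in place. Key names are assumptions for illustration,
# not taken from the article or from Judge0's documentation.
SAMPLE_CONFIG = """
# Judge0 configuration (constructed sample)
POSTGRES_PASSWORD=YourPasswordHere1234
REDIS_PASSWORD="YourPasswordHere1234"
AUTHN_TOKEN=
"""

# The default credential value named in the article.
KNOWN_DEFAULTS = {"YourPasswordHere1234"}

# Any key ending in one of these suffixes is treated as a secret (assumption).
SECRET_SUFFIXES = ("PASSWORD", "TOKEN", "SECRET")


def parse_config(text):
    """Parse KEY=VALUE lines into a dict, skipping comments and blank lines.

    Surrounding single or double quotes around a value are stripped so that
    PASSWORD="x" and PASSWORD=x compare equal.
    """
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$", line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
            value = value[1:-1]
        settings[key] = value
    return settings


def audit_secrets(settings):
    """Return a list of (key, finding) for secrets at a known default or empty."""
    findings = []
    for key, value in settings.items():
        if not key.upper().endswith(SECRET_SUFFIXES):
            continue
        if value in KNOWN_DEFAULTS:
            findings.append((key, "default value"))
        elif value == "":
            findings.append((key, "empty value"))
    return findings


if __name__ == "__main__":
    for key, finding in audit_secrets(parse_config(SAMPLE_CONFIG)):
        print(f"{key}: {finding}")
```

Run against a real configuration file by reading it into `parse_config`; an empty result means no secret-like key is at the documented default or blank, which is the minimum an operator should confirm before exposing an instance.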
Demonstration of the Attack
Moreover, the researcher demonstrated the potential for an attacker to craft a submission that could brute-force the password.
By making multiple submissions, the attacker could queue up submissions and run an SQL query to modify the run arguments of a submission, ultimately leading to a sandbox escape and root access.
These vulnerabilities have severe implications, as they could allow attackers to execute arbitrary code with the highest level of privileges on the host machine.
This could also lead to unauthorized access to sensitive data, disruption of services, and the potential for further exploitation within the network.
Tanto Security's disclosure has prompted a swift response from the cybersecurity community, with calls for immediate action to patch the vulnerabilities and secure Judge0 instances.
Organizations using Judge0 are urged to review their configurations, change passwords, and apply any available security updates to mitigate the risks associated with these vulnerabilities.
Judge0 users are now tasked with reinforcing their defenses to prevent exploitation by malicious actors.
Source credit : cybersecuritynews.com