PT-2024-5024 · Tiagorlampert · Chaos
Published 2024-04-05 · Updated 2025-08-27 · CVE-2024-30850
CVSS v2.0: 9.0 (High)
Base vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
tiagorlampert CHAOS version 5.0.1
tiagorlampert CHAOS versions before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c481ed5e
Description:
The issue allows a remote attacker to execute arbitrary code via the BuildClient function within client service.go. This is due to the lack of measures to neutralize special elements used in the operating system command. The exploitation of this issue may allow a remote attacker to execute arbitrary code. A remote attacker can also execute arbitrary commands via crafted HTTP requests.
Recommendations:
For tiagorlampert CHAOS version 5.0.1, consider disabling the BuildClient function within client service.go until a patch is available.
For tiagorlampert CHAOS versions before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c481ed5e, update to a version that includes the necessary security fixes to prevent the unsafe concatenation of the filename argument into the buildStr string.
As a temporary workaround, restrict access to the client service.go file to minimize the risk of exploitation.
Avoid using the filename argument in the affected buildStr string until the issue is resolved.
Exploit · Fix · Command Injection · OS Command Injection
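An added example, not code from CHAOS or from this advisory: the pattern named above, a filename concatenated into a build command string, beside a form that allowlists the name and passes it as a single argv element. The function names, the `go build` arguments and the `build` output directory are assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
)

// Allowlist for output names: starts alphanumeric, then letters, digits, '.', '_' or '-'.
// No spaces, path separators or shell metacharacters, and no leading '-' (option injection).
var safeName = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$`)

var ErrBadFilename = errors.New("filename rejected by allowlist")

// unsafeBuildStr is the vulnerable shape (hypothetical, not the project's code):
// the caller-supplied name becomes part of a string that a shell will parse.
func unsafeBuildStr(filename string) string {
	return fmt.Sprintf("go build -o %s main.go", filename)
}

// safeBuildArgs validates the name and returns an argv slice. Passed to
// exec.Command(args[0], args[1:]...), no shell ever parses the filename.
func safeBuildArgs(outDir, filename string) ([]string, error) {
	if !safeName.MatchString(filename) {
		return nil, ErrBadFilename
	}
	return []string{"go", "build", "-o", filepath.Join(outDir, filename), "main.go"}, nil
}

func main() {
	// Constructed sample inputs.
	for _, name := range []string{"client.exe", "client;echo injected"} {
		fmt.Printf("string form: %q\n", unsafeBuildStr(name))
		args, err := safeBuildArgs("build", name)
		fmt.Printf("argv form:   %q err=%v\n", args, err)
	}
}
```

Rejecting the name outright, rather than trying to escape it, keeps the check independent of which shell or platform the build runs on.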
Related Identifiers
BDU:2024-05548
CVE-2024-30850
GHSA-P3J6-F45H-HW5F
GHSA-XFJJ-F699-RC79
GO-2024-2822
Affected Products
Chaos
References · 37
- https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/chaos_rat_xss_to_rce.rb · Exploit
- https://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc · Exploit
- https://blog.chebuya.com/posts/remote-code-execution-on-chaos-rat-via-spoofed-agents · Exploit
- https://osv.dev/vulnerability/GHSA-xfjj-f699-rc79 · Vendor Advisory
- https://bdu.fstec.ru/vul/2024-05548 · Security Note
- https://osv.dev/vulnerability/GO-2024-2822 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-33434 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2024-30850 · Security Note
- https://osv.dev/vulnerability/GHSA-p3j6-f45h-hw5f · Vendor Advisory
- https://github.com/tiagorlampert/CHAOS · Note
- https://github.com/tiagorlampert/CHAOS/pull/95 · Note
- https://github.com/tiagorlampert/CHAOS/commit/1b451cf62582295b7225caf5a7b506f0bad56f6b · Note
- https://github.com/tiagorlampert/CHAOS/commit/24c9e109b5be34df7b2bce8368eae669c481ed5e · Note
- https://github.com/tiagorlampert/CHAOS/commit/ea4d56d9d40e2054eda8041959cd1b728a39766e · Note
- https://github.com/tiagorlampert/CHAOS/commit/b47438d36e3ad746de8c009e644f6e5396703f25 · Note