CVE-2023-37273

Name of the Vulnerable Software and Affected Versions Auto-GPT versions prior to 0.4.3

Description The issue arises from the use of a different docker-compose.yml file when running Auto-GPT by cloning the git repo and executing docker compose run auto-gpt in the repo root. This file mounts itself into the docker container without write protection, allowing malicious custom python code executed via the execute python file and execute python code commands to overwrite the docker-compose.yml file. This can lead to abuse and gain control of the host system the next time Auto-GPT is started.

Recommendations For versions prior to 0.4.3, update to version 0.4.3 to resolve the issue. As a temporary workaround, consider disabling the execute python file and execute python code commands until the update is applied. Restrict access to the docker-compose.yml file to minimize the risk of exploitation.