PT-2024-18388 · Autogpt · Autogpt

Published: 2024-06-06 · Updated: 2025-08-05 · CVE-2024-1881

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: AutoGPT versions v0.5.0 through v5.1.0

Description: The issue arises from the way the application validates shell commands against an allowlist or denylist: it checks only the first word of the command. An attacker can therefore bypass the intended restrictions by crafting a command line whose first word is allowed but which goes on to execute commands that are not on the allowlist, or by appending malicious commands that are absent from the denylist. Successful exploitation could allow an attacker to execute arbitrary shell commands.

Recommendations: For versions v0.5.0 through v5.1.0, as a temporary workaround, consider disabling the shell command validation function until a patch is available. Restrict access to the shell command module to minimize the risk of exploitation. Avoid using the shell command variable in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
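The following is an added illustration, not code from AutoGPT or from this advisory, of the validation flaw described above beside a stricter check. `first_word_is_allowed` reproduces the weak "first word only" logic; `whole_command_is_allowed` tokenizes the full line with `shlex`, refuses any shell control operator or command substitution, and only then compares the executable against the allowlist. The allowlist and the sample command lines are constructed for the example.

```python
import shlex

ALLOWLIST = {"ls", "echo", "cat"}          # constructed example allowlist
OPERATOR_CHARS = set("();<>|&")            # shlex's default punctuation_chars
SUBSTITUTION_MARKERS = ("$", "`")          # $(...), ${...}, `...` even inside double quotes


def first_word_is_allowed(command: str, allowlist: set) -> bool:
    """Weak check of the kind the advisory describes: only the first word is inspected,
    so 'ls; <anything>' passes because 'ls' is allowed."""
    words = command.split()
    return bool(words) and words[0] in allowlist


def _tokenize(command: str) -> list:
    # punctuation_chars=True makes ';', '&&', '|', '>' etc. separate tokens unless quoted;
    # whitespace_split=True keeps ordinary arguments such as /etc/hosts intact.
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)                     # raises ValueError on unbalanced quotes


def whole_command_is_allowed(command: str, allowlist: set) -> bool:
    """Stricter check: accept only a single simple command whose executable is allowlisted."""
    if "\n" in command or "\r" in command:  # a newline also separates shell commands
        return False
    try:
        tokens = _tokenize(command)
    except ValueError:                      # malformed quoting: refuse rather than guess
        return False
    if not tokens:
        return False
    for tok in tokens:
        if tok and set(tok) <= OPERATOR_CHARS:          # ';', '&&', '||', '|', '>', '(' ...
            return False
        if any(m in tok for m in SUBSTITUTION_MARKERS):  # conservative: also blocks $HOME
            return False
    return tokens[0] in allowlist


if __name__ == "__main__":
    for line in ("ls -la", "ls -la; echo injected", "ls && echo injected", "echo 'a;b'"):
        print(f"{line!r:30} first-word={first_word_is_allowed(line, ALLOWLIST)!s:5} "
              f"whole={whole_command_is_allowed(line, ALLOWLIST)}")
```

Quoted operators are accepted as literal arguments (`echo 'a;b'`), while unquoted operators, substitutions and newlines are rejected regardless of the first word.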

Weakness Enumeration: OS Command Injection

Related Identifiers: CVE-2024-1881

Affected Products: Autogpt