Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-8rq8-f485-7v8x: Deserialization of Untrusted Data in rpc.py

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the “serializer: pickle” HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.

Per the maintainer, rpc.py is not designed for an API that is open to the outside world, and external requests cannot reach rpc.py in real world use.

A fix exists on the master branch. As a workaround, use the following code to turn off pickle in older versions:

del SERIALIZER_NAMES[PickleSerializer.name]
del SERIALIZER_TYPES[PickleSerializer.content_type]
ghsa
#js#git#rce#auth

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the “serializer: pickle” HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.

Per the maintainer, rpc.py is not designed for an API that is open to the outside world, and external requests cannot reach rpc.py in real world use.

A fix exists on the master branch. As a workaround, use the following code to turn off pickle in older versions:

del SERIALIZER_NAMES[PickleSerializer.name]
del SERIALIZER_TYPES[PickleSerializer.content_type]
### References
- https://nvd.nist.gov/vuln/detail/CVE-2022-35411
- https://github.com/abersheeran/rpc.py/commit/491e7a841ed9a754796d6ab047a9fb16e23bf8bd
- https://github.com/ehtec/rpcpy-exploit
- https://medium.com/@elias.hohl/remote-code-execution-0-day-in-rpc-py-709c76690c30
- https://github.com/abersheeran/rpc.py/issues/22

Related news

rpc.py 0.6.0 Remote Code Execution

rpc.py version 0.6.0 suffers from a remote code execution vulnerability.

CVE-2022-35411: Remote Code Execution 0-day in rpc.py - Elias Hohl - Medium

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.