CVE-2023-6572

8.1 HIGH

📋 TL;DR

This CVE describes a command injection vulnerability in the Gradio library that allows attackers to execute arbitrary commands on the host system. It affects applications using vulnerable versions of Gradio that process untrusted user input. Attackers can exploit this to gain unauthorized access and control over affected systems.

💻 Affected Systems

Products:
  • gradio
Versions: All versions prior to the fix in commit 5b5af1899dd98d63e1f9b48a93601c2db1f56520
Operating Systems: All operating systems running Python
Default Config Vulnerable: ⚠️ Yes
Notes: Any Gradio application processing user input without additional validation is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise allowing remote code execution, data theft, lateral movement, and complete control of the host.

🟠 Likely Case

Unauthorized command execution leading to data exfiltration, service disruption, or installation of malware.

🟢 If Mitigated

Limited impact with proper input validation and sandboxing, potentially only service disruption.

🌐 Internet-Facing: HIGH - Web applications using Gradio are directly exposed to remote attackers.
🏢 Internal Only: MEDIUM - Internal applications still vulnerable but with reduced attack surface.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending specially crafted input to vulnerable endpoints. Public details available in bounty reports.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 5b5af1899dd98d63e1f9b48a93601c2db1f56520 and later versions

Vendor Advisory: https://github.com/gradio-app/gradio/commit/5b5af1899dd98d63e1f9b48a93601c2db1f56520

Restart Required: Yes

Instructions:

1. Update Gradio to the latest version: pip install --upgrade gradio
2. Restart all applications using Gradio
3. Verify the fix by checking the installed version and re-testing input validation

🔧 Temporary Workarounds

Input Validation and Sanitization

Applies to: all

Implement strict input validation and sanitization for all user inputs before processing.

Network Segmentation

Applies to: all

Isolate Gradio applications in restricted network segments with limited outbound access.

🧯 If You Can't Patch

  • Implement strict input validation and sanitization for all user inputs
  • Run Gradio applications with minimal privileges and in isolated containers

🔍 How to Verify

Check if Vulnerable:

Check the installed Gradio version and confirm it includes the fixed commit 5b5af1899dd98d63e1f9b48a93601c2db1f56520

Check Version:

python -c "import gradio; print(gradio.__version__)"

Verify Fix Applied:

Re-test with the input patterns that previously triggered command injection and confirm they are no longer executed

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution patterns
  • Suspicious system calls from Gradio processes
  • Error logs showing command injection attempts

Network Indicators:

  • Unexpected outbound connections from Gradio applications
  • Suspicious payloads in HTTP requests to Gradio endpoints

SIEM Query:

process.name:"python" AND process.args:"gradio" AND (process.cmdline:*sh* OR process.cmdline:*cmd* OR process.cmdline:*powershell*)
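The SIEM query above is a starting point; as an added example (not part of the original page or the Gradio project), the following Python script runs the same idea over NDJSON process-creation events. It assumes an ECS-style layout (process.name, process.args, process.cmdline, process.parent.*), which is an assumption about your telemetry, and refines the query in two ways: it keys on the parent process (a shell spawned by a Python process running Gradio) rather than on the Gradio process's own command line, and it matches shell executables as whole names instead of the *sh* / *cmd* wildcards, so tokens such as "flask" or "/usr/share" do not fire. The sample events are constructed.

```python
import json
import re
from typing import Dict, Iterable, List

# Shell interpreters that a Gradio server process has no ordinary reason to
# spawn. Matched as whole executable names rather than the looser *sh* / *cmd*
# wildcards of the SIEM query, so tokens like "flask" or "/usr/share" do not trigger.
SHELL_NAMES = {"sh", "bash", "dash", "zsh", "cmd", "cmd.exe",
               "powershell", "powershell.exe", "pwsh"}

_TOKEN_RE = re.compile(r"[^\s;|&]+")


def basename(path: str) -> str:
    """Strip POSIX or Windows directory components and lower-case the result."""
    return path.rsplit("/", 1)[-1].rsplit("\\", 1)[-1].lower()


def shells_in(cmdline: str) -> List[str]:
    """Return shell executable names that appear as whole tokens in a command line."""
    return [basename(t) for t in _TOKEN_RE.findall(cmdline) if basename(t) in SHELL_NAMES]


def is_gradio_python(proc: Dict) -> bool:
    """True if a process record looks like a Python interpreter running Gradio."""
    name = basename(str(proc.get("name", "")))
    args = proc.get("args", [])
    if isinstance(args, str):
        args = args.split()
    return name.startswith("python") and any("gradio" in str(a).lower() for a in args)


def is_suspicious(event: Dict) -> bool:
    """Alert pattern: a shell launched by a Python process that is running Gradio."""
    proc = event.get("process", {})
    if not is_gradio_python(proc.get("parent", {})):
        return False
    child_is_shell = basename(str(proc.get("name", ""))) in SHELL_NAMES
    return child_is_shell or bool(shells_in(str(proc.get("cmdline", ""))))


def scan_ndjson(lines: Iterable[str]) -> List[Dict]:
    """Parse NDJSON process-creation events and return the suspicious ones."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # malformed line: skip it rather than abort the scan
        if is_suspicious(event):
            hits.append(event)
    return hits


# Constructed sample events (not real telemetry): a benign Gradio startup, a shell
# spawned by a Gradio server, a shell spawned by an unrelated parent, and a Gradio
# server spawning a non-shell Python child whose command line contains "flask".
SAMPLE_LOG = """
{"@timestamp":"2024-01-01T10:00:00Z","process":{"name":"python3","args":["python3","app.py"],"cmdline":"python3 app.py","parent":{"name":"bash","args":["bash"]}}}
{"@timestamp":"2024-01-01T10:00:05Z","process":{"name":"sh","args":["sh","-c","id"],"cmdline":"/bin/sh -c id","parent":{"name":"python3","args":["python3","-m","gradio","app.py"]}}}
{"@timestamp":"2024-01-01T10:00:09Z","process":{"name":"sh","args":["sh","-c","ls"],"cmdline":"/bin/sh -c ls","parent":{"name":"cron","args":["cron"]}}}
{"@timestamp":"2024-01-01T10:00:12Z","process":{"name":"python3","args":["python3","-m","flask","run"],"cmdline":"python3 -m flask run","parent":{"name":"python3","args":["python3","-m","gradio","app.py"]}}}
"""


def demo() -> List[str]:
    """Return the timestamps of suspicious events in the constructed sample."""
    return [e["@timestamp"] for e in scan_ndjson(SAMPLE_LOG.splitlines())]


if __name__ == "__main__":
    for e in scan_ndjson(SAMPLE_LOG.splitlines()):
        print(e["@timestamp"], e["process"]["cmdline"], "<- parent:", e["process"]["parent"]["args"])
```

Only the second sample event is reported: the fourth shows why whole-name matching matters, since the wildcard *sh* in the original query would also match "flask" in a legitimate child process. Adjust SHELL_NAMES to the interpreters present on your hosts, and treat a hit as a trigger for investigation rather than proof of exploitation.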
