CVE-2024-21552 – CVE-2024-21552 allows arbitrary code execution ... (How to Fix)

📋 TL;DR

CVE-2024-21552 allows arbitrary code execution on SuperAGI servers through unsafe use of the 'eval' function. Attackers can manipulate LLM outputs to execute malicious code on the application server. All SuperAGI users running vulnerable versions are affected.

💻 Affected Systems

Products:

SuperAGI

Versions: All versions

Operating Systems: All platforms running SuperAGI

Default Config Vulnerable: ⚠️ Yes

Notes: Any SuperAGI deployment using the vulnerable output_handler.py file is affected regardless of configuration.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete server compromise allowing data theft, lateral movement, ransomware deployment, and persistent backdoor installation.

🟠

Likely Case

Server takeover leading to credential harvesting, data exfiltration, and use as a pivot point for further attacks.

🟢

If Mitigated

Limited impact with proper network segmentation and strict input validation, potentially preventing successful exploitation.

🌐 Internet-Facing: HIGH

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires manipulating LLM output to trigger eval with malicious payloads. The vulnerability is straightforward to exploit once the attack vector is understood.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Monitor SuperAGI GitHub repository for security updates
2. Apply patches immediately when available
3. Review and replace eval usage with safer alternatives

🔧 Temporary Workarounds

Remove eval usage

all

Replace eval() calls in output_handler.py with safer alternatives like ast.literal_eval or custom parsing functions

# Edit superagi/agent/output_handler.py lines 149 and 180
# Replace eval() with safer alternatives

Input sanitization

all

Implement strict input validation and sanitization for LLM outputs before processing

# Add validation functions to sanitize LLM outputs
# Implement allowlists for expected output patterns

🧯 If You Can't Patch

Network segmentation: Isolate SuperAGI servers from critical systems and internet access
Monitor and restrict: Implement strict monitoring of eval calls and restrict server permissions to minimal required access

🔍 How to Verify

Check if Vulnerable:

Check if superagi/agent/output_handler.py contains eval() calls at lines 149 and 180

Check Version:

# Check SuperAGI version if available in deployment

Verify Fix Applied:

Verify eval() calls have been removed or replaced with safe alternatives in output_handler.py

📡 Detection & Monitoring

Log Indicators:

Unusual process execution from SuperAGI
Suspicious eval calls with unexpected parameters
Abnormal system command execution

Network Indicators:

Unexpected outbound connections from SuperAGI server
Command and control traffic patterns

SIEM Query:

process.name:python AND process.args:*eval* AND process.args:*SuperAGI*

📊 Metadata

CVE ID: CVE-2024-21552

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-94

Published: July 22, 2024

Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-21552, you might also want to check these: