ArchiveBox, Remote Code Execution via Config Injection, Critical

The vulnerability arises from the `/add/` endpoint (`AddView` in `core/views.py`), which accepts a `config` JSON field that is merged into the crawl configuration without any validation. That config is later exported as environment variables when archive plugins run, so an attacker can inject arbitrary arguments into external tools (e.g., yt-dlp, gallery-dl) and achieve remote code execution (RCE). When `PUBLIC_ADD_VIEW=True` (common for bookmarklet usage), the endpoint is exploitable without authentication, and it is also decorated with `@csrf_exempt`. The flaw lies in how user-supplied config overrides propagate: `core/views.py:887` extracts `custom_config` from the form data, `core/views.py:918` merges it into the crawl config, `config/configset.py:255-256` applies the crawl config with high priority, `hooks.py:398-411` exports the config as environment variables (skipping only a few keys), and `plugins/ytdlp/on_Snapshot__02_ytdlp.bg.py:122-123` uses `get_env_array("YTDLP_ARGS_EXTRA")` to build the yt-dlp command line. By setting `YTDLP_ARGS_EXTRA` to a JSON array containing `--exec` and a malicious command (e.g., `id > /tmp/pwned`), an attacker can execute arbitrary commands on the ArchiveBox server. The same technique works with `GALLERYDL_ARGS_EXTRA` or by overriding any `_BINARY` key.

DailyCVE form:

Platform: ArchiveBox
Version: Affected versions (see references)
Vulnerability: RCE via config injection
Severity: Critical
Date: 2025-05-04

Prediction: Patch expected within 7-14 days

What Undercode Says:

Analytics: The attack exploits unsafe merging of user input into environment variables, a pattern common in config-injection CVEs. Below are bash commands to test and verify.

```bash
# Test PoC (requires PUBLIC_ADD_VIEW=True)
curl -X POST http://localhost:8000/add/ \
  -d "url=https://www.youtube.com/watch?v=dQw4w9WgXcQ" \
  -d "depth=0" \
  -d "config={\"YTDLP_ARGS_EXTRA\": \"[\\"--exec\\", \\"id > /tmp/pwned\\"]\"}"
# Check for successful exec
ls -la /tmp/pwned && cat /tmp/pwned
```

Exploit:

Unauthenticated POST to `/add/` with a malicious `config` JSON; after the crawl, `yt-dlp --exec 'id > /tmp/pwned'` runs. No authentication is required if `PUBLIC_ADD_VIEW=True`.

Protection from this CVE:

Set `PUBLIC_ADD_VIEW=False` in the environment; upgrade to a patched version; sanitize the `config` input; disallow `_ARGS_EXTRA` and `_BINARY` overrides; invoke external tools via `subprocess` with explicit argument lists and safe argument escaping.
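The "sanitize the `config` input" and "disallow `_ARGS_EXTRA` and `_BINARY` overrides" mitigations above, as an added example that is not ArchiveBox's own code: a validator that the `/add/` view could run over the `config` form field before merging it into the crawl config. Only the `*_ARGS_EXTRA` and `*_BINARY` key patterns come from the advisory; the allowlist of harmless keys, the extra `*_ARGS` pattern and the function name are assumptions.

```python
# Added example, not ArchiveBox's code: validate a user-supplied `config`
# override before it is merged into the crawl configuration.
import json
import re

# Key patterns that let a web client change how external binaries are invoked.
# *_ARGS_EXTRA and *_BINARY are named in the advisory; *_ARGS is an assumption.
DENIED_KEY_PATTERNS = (
    re.compile(r".*_ARGS_EXTRA$"),
    re.compile(r".*_BINARY$"),
    re.compile(r".*_ARGS$"),
)

# Assumed allowlist of per-crawl options a bookmarklet may legitimately set.
# Anything not listed here is rejected, so new dangerous keys fail closed.
ALLOWED_KEYS = {"DEPTH", "TAGS", "SAVE_TITLE", "SAVE_FAVICON", "SAVE_PDF"}


def validate_custom_config(raw_config: str) -> tuple[dict, list[str]]:
    """Return (accepted_overrides, rejected_reasons) for the `config` field.

    Rejected keys are reported rather than silently dropped so the view can
    log them and an alert can fire on attempted config injection.
    """
    try:
        parsed = json.loads(raw_config or "{}")
    except json.JSONDecodeError as exc:
        return {}, [f"config is not valid JSON: {exc.msg}"]
    if not isinstance(parsed, dict):
        return {}, ["config must be a JSON object"]

    accepted: dict = {}
    rejected: list[str] = []
    for key, value in parsed.items():
        key_upper = str(key).upper()
        if any(p.match(key_upper) for p in DENIED_KEY_PATTERNS):
            # Would end up as an env var that builds a subprocess command line.
            rejected.append(f"{key}: overrides external tool invocation")
        elif key_upper not in ALLOWED_KEYS:
            rejected.append(f"{key}: not in allowlist")
        else:
            accepted[key_upper] = value
    return accepted, rejected
```

In the view, a non-empty `rejected` list should produce an HTTP 400 and a log entry carrying the rejected key names and the client address, rather than a crawl with the remaining keys.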

Impact:

Full remote code execution on the ArchiveBox server, leading to data theft, system compromise, or lateral movement. Pre-auth exploitation is trivial when the vulnerable configuration is enabled.

Sources:

Reported By: github.com