Listen to this Post
The vulnerability exploits the `lobeArtifact` node used to render specific content types from server responses. When the artifact type is image/svg+xml, the application uses the `SVGRender` component. This component utilizes React’s `dangerouslySetInnerHTML` to directly inject the provided SVG string into the DOM without sanitization. An attacker can craft a malicious SVG containing a script within an `onerror` handler. When this SVG is rendered, the script executes in the context of the Electron renderer process. This XSS is escalated to RCE by leveraging exposed Electron IPC APIs. The renderer process can invoke the `openExternalLink` IPC call, which in the main process uses `shell.openExternal` without validation. This allows the attacker to execute arbitrary system commands by invoking native applications from a filesystem URI.
Platform: LobeHub Lobe-Chat
Version: v1.129.3
Vulnerability: XSS to RCE
Severity: Critical
date: 2024-05-15
Prediction: 2024-06-15
What Undercode Say:
Search for dangerouslySetInnerHTML in codebase grep -r "dangerouslySetInnerHTML" --include=".tsx" --include=".ts" . List exposed IPC handlers in main process grep -r "ipcMain.handle" --include=".ts" .
// Malicious SVG Payload
<svg xmlns="http://www.w3.org/2000/svg">
<image href="1" onerror="void electron.ipcRenderer.invoke('openExternalLink', 'file:///path/to/calc')"/>
</svg>
How Exploit:
Craft a chat message containing a malicious `lobeArtifact` tag with a type of image/svg+xml. The embedded SVG payload uses an `onerror` event to call the privileged `openExternalLink` IPC method, triggering the execution of a local application.
Protection from this CVE:
Sanitize SVG input. Validate IPC calls. Use Context Isolation. Disable Node.js integration in renderer.
Impact:
Remote Code Execution leading to full host compromise.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

