The vulnerability stems from Ray's insufficient filtering of browser-originated requests. Ray's dashboard endpoints, such as /api/jobs/, are protected by a middleware that blocks requests whose `User-Agent` header starts with "Mozilla". This is intended to prevent attacks launched from a browser. However, the Fetch API in Firefox and Safari lets a malicious website override the `User-Agent` header with a value that does not start with "Mozilla", which bypasses the check. An attacker can host a malicious site that, when visited by a developer running a local Ray instance, uses a DNS rebinding attack to make the browser send requests to the local Ray dashboard (on localhost:8265). The attacker's JavaScript payload, carrying a spoofed User-Agent, passes the filter and sends a POST request to the jobs API. That API executes the arbitrary command embedded in the request's JSON payload, resulting in remote code execution on the developer's machine.
Platform: Ray
Version: <2.52.0
Vulnerability: Unauthenticated RCE
Severity: Critical
Date: 2024-10-15
Prediction: Patch available
Setup commands referenced in the post:
ray start --head --port=6379
git clone https://github.com/nccgroup/singularity
Request shape used by the bypass (a cross-origin fetch with a non-"Mozilla" User-Agent):
fetch('/api/jobs/', {
  method: 'POST',
  headers: { 'User-Agent': 'Other' },
  body: JSON.stringify(data)  // data: the job-submission payload, not shown in the post
})
How it is exploited:
DNS rebinding attack
Bypass User-Agent check
POST malicious job
Protection from this CVE:
Update to Ray 2.52.0
Enable token authentication
Network segmentation
Impact:
Arbitrary code execution
Developer machine compromise
Internal network pivot
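To make the weakness concrete from the defender's side, here is an added example (not Ray's code) that places the User-Agent prefix filter described above next to a hardened request check of the kind the "Protection" list points at: validating the Host header against a loopback allowlist, which is the standard DNS-rebinding defence, and requiring a bearer token. The allowlist, function names, token and sample header sets are all constructed assumptions.

```python
import hmac
from urllib.parse import urlsplit

# Hostnames a local dashboard legitimately answers to (assumed allowlist).
# A DNS-rebound request still carries the attacker's hostname in Host, because
# the browser believes it is talking to that origin; the hostname, not the
# User-Agent, is what tells the two apart.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "::1"}


def weak_browser_check(headers):
    """The guard described above: reject only User-Agent values that begin
    with 'Mozilla'. Any script can pick another value, so this is not a boundary."""
    return not headers.get("User-Agent", "").startswith("Mozilla")


def hardened_check(headers, expected_token):
    """Hypothetical replacement: validate Host against the allowlist to stop
    DNS rebinding, and require a bearer token so a request that reaches the
    port still cannot submit a job without a secret."""
    try:
        hostname = urlsplit("//" + headers.get("Host", "")).hostname
    except ValueError:  # malformed bracketed IPv6 literal
        return False
    if hostname not in ALLOWED_HOSTS:
        return False
    scheme, _, presented = headers.get("Authorization", "").partition(" ")
    if scheme != "Bearer" or not presented:
        return False
    return hmac.compare_digest(presented, expected_token)


# Constructed sample requests, as header dicts.
TOKEN = "example-token-not-a-real-secret"
REBOUND = {"Host": "attacker.example:8265", "User-Agent": "Other"}
CLI = {"Host": "localhost:8265", "User-Agent": "python-requests/2.31",
       "Authorization": "Bearer " + TOKEN}
BROWSER_LOCAL = {"Host": "[::1]:8265", "User-Agent": "Mozilla/5.0",
                 "Authorization": "Bearer " + TOKEN}

if __name__ == "__main__":
    for name, req in [("rebound", REBOUND), ("cli", CLI), ("browser", BROWSER_LOCAL)]:
        print(name, "weak:", weak_browser_check(req),
              "hardened:", hardened_check(req, TOKEN))
```

The rebound request passes the weak check and fails the hardened one; the legitimate CLI request passes both.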
Sources:
Reported By: github.com