{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/masci/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2024-41950"},{"cvss":9.8,"id":"CVE-2025-25362"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["banks (\u003c= 2.4.1)"],"_cs_severities":["high"],"_cs_tags":["ssti","rce","jinja2"],"_cs_type":"advisory","_cs_vendors":["masci"],"content_html":"\u003cp\u003eThe \u003ccode\u003ebanks\u003c/code\u003e library, versions 2.4.1 and earlier, is susceptible to a critical Server-Side Template Injection (SSTI) vulnerability (CVE-2026-44209) because it renders prompt templates with an unsandboxed \u003ccode\u003ejinja2.Environment()\u003c/code\u003e. When an application passes a user-supplied string as the template argument to \u003ccode\u003ePrompt()\u003c/code\u003e, that string is evaluated as Jinja2 template code rather than treated as data. Because the environment is not sandboxed, nothing stops attribute traversal from an in-scope object to Python's built-ins, so the attacker can execute arbitrary code on the host. Any application that relies on \u003ccode\u003ebanks\u003c/code\u003e and lets users supply or customize prompt templates is affected, up to full system compromise.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies an application using \u003ccode\u003ebanks \u0026lt;= 2.4.1\u003c/code\u003e that accepts user-controlled input for prompt templates.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a Jinja2 payload that reaches Python built-ins through attribute traversal, for example \u003ccode\u003e{{ self.__init__.__globals__.__builtins__.__import__('os').popen('id').read() }}\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker submits the payload through an input field, API endpoint, or configuration file whose value is passed to the \u003ccode\u003ePrompt()\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ePrompt()\u003c/code\u003e function compiles and renders the user-supplied string in the unsandboxed Jinja2 environment.\u003c/li\u003e\n\u003cli\u003eJinja2 evaluates the expression; with no sandbox, lookups of private attributes such as \u003ccode\u003e__globals__\u003c/code\u003e and \u003ccode\u003e__builtins__\u003c/code\u003e are permitted and resolve to the interpreter's own objects.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eos.popen()\u003c/code\u003e call executes the attacker-specified command on the host operating system.\u003c/li\u003e\n\u003cli\u003eThe command output is captured and returned as part of the rendered prompt, giving the attacker direct feedback.\u003c/li\u003e\n\u003cli\u003eThe attacker has arbitrary code execution on the server, enabling data exfiltration, system compromise, or further attacks.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation allows attackers to execute arbitrary commands on the host system with the privileges of the application process, potentially leading to full system compromise. Applications that allow users to supply or customize prompt templates are at significant risk. The impact includes data exfiltration, unauthorized access to sensitive information, and the potential for deploying ransomware or other malware. Comparable SSTI vulnerabilities (CVE-2024-41950, CVE-2025-25362) in other libraries show that this is a recurring pattern rather than an isolated issue.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the \u003ccode\u003ebanks\u003c/code\u003e library to version 2.4.2 or later, which renders prompt templates in a sandboxed Jinja2 environment.\u003c/li\u003e\n\u003cli\u003eDo not render user-supplied strings as templates. Keep templates developer-controlled and pass user content in as template variables; where users must author templates themselves, render them only through \u003ccode\u003ejinja2.sandbox.SandboxedEnvironment\u003c/code\u003e (or \u003ccode\u003eImmutableSandboxedEnvironment\u003c/code\u003e). Treat blocklist filtering of tokens such as \u003ccode\u003e{{\u003c/code\u003e or \u003ccode\u003e__\u003c/code\u003e as defence in depth only; Jinja2's own filters (for example \u003ccode\u003eattr()\u003c/code\u003e) make such filters easy to bypass.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect banks SSTI via Jinja2 Template Injection\u0026rdquo; to flag requests containing suspicious Jinja2 syntax in web server logs. Note that access logs normally record only the request line, so payloads delivered in POST bodies or configuration files require application-level logging of the template strings passed to \u003ccode\u003ePrompt()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eReview applications using the \u003ccode\u003ebanks\u003c/code\u003e library to identify every path by which user-controlled input reaches the template argument of \u003ccode\u003ePrompt()\u003c/code\u003e, and remediate each one.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-07-03T17:21:00Z","date_published":"2024-07-03T17:21:00Z","id":"/briefs/2024-07-banks-ssti-rce/","summary":"banks versions 2.4.1 and earlier are vulnerable to Server-Side Template Injection (SSTI) due to the use of an unsandboxed Jinja2 environment, allowing attackers to achieve Remote Code Execution (RCE) by injecting malicious code through user-supplied prompt templates.","title":"banks Library Vulnerable to Server-Side Template Injection Leading to Remote Code Execution","url":"https://feed.craftedsignal.io/briefs/2024-07-banks-ssti-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Masci","version":"https://jsonfeed.org/version/1.1"}
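Added example, not code from the banks project or from the brief above: it reproduces the unsandboxed-Jinja2 pattern the attack chain describes alongside the two hardened alternatives the recommendations name (a fixed developer template with user text as a variable, and `jinja2.sandbox.SandboxedEnvironment`), and then runs the kind of request-line check the Sigma recommendation implies over constructed access-log lines. It assumes only `jinja2` and the standard library; the function names, payload and log lines are illustrative and were written for this example, and the payload imports `platform` rather than `os` so it proves code execution without spawning a shell.

```python
"""Unsandboxed Jinja2 SSTI beside two hardened renderers, plus an access-log
triage check.  Added example; assumes only jinja2 and the stdlib.  All
payloads, function names and log lines are constructed for illustration."""
import platform
import re
from urllib.parse import unquote

from jinja2 import Environment
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed payload of the kind described in the attack chain: it walks from
# the template's own `self` object to the interpreter's builtins.  `platform`
# stands in for `os` so the demo proves code execution without a shell.
PAYLOAD = ("{{ self.__init__.__globals__.__builtins__"
           ".__import__('platform').python_version() }}")


def render_unsandboxed(user_template: str) -> str:
    """Vulnerable pattern: the user-supplied string *is* the template."""
    return Environment().from_string(user_template).render()


def render_sandboxed(user_template: str) -> str:
    """Mitigation when users must author templates: the sandbox refuses
    private/dunder attribute access and raises SecurityError."""
    return SandboxedEnvironment().from_string(user_template).render()


def render_as_data(user_text: str) -> str:
    """Preferred fix: a fixed developer template; user text is only a variable."""
    template = Environment().from_string("Summarize this: {{ user_text }}")
    return template.render(user_text=user_text)


def unsandboxed_executes_payload() -> bool:
    # The rendered output is the interpreter's own version string: code ran.
    return render_unsandboxed(PAYLOAD) == platform.python_version()


def sandbox_blocks_payload() -> bool:
    # Either a SecurityError or an output that is not the version string
    # means the attribute traversal was stopped.
    try:
        out = render_sandboxed(PAYLOAD)
    except SecurityError:
        return True
    return out != platform.python_version()


def data_path_is_inert() -> bool:
    # Braces survive as literal text; nothing in the user text is evaluated.
    return render_as_data(PAYLOAD) == "Summarize this: " + PAYLOAD


# Detection: indicators split by fidelity.  Bare template delimiters are noisy
# for an app that legitimately accepts templates; traversal tokens are not.
HIGH = re.compile(
    r"__(?:init|class|mro|subclasses|globals|builtins|import)__|\|\s*attr\(", re.I)
LOW = re.compile(r"\{\{|\{%")
REQUEST_TARGET = re.compile(r'"(?:GET|POST|PUT|PATCH) (\S+) HTTP/')


def triage_access_log(lines):
    """Return (severity, decoded request target) for each line with indicators.
    Only the request line is inspected: a stock access log carries no POST
    body, which is the logging caveat the recommendations raise."""
    findings = []
    for line in lines:
        m = REQUEST_TARGET.search(line)
        if not m:
            continue
        target = unquote(unquote(m.group(1)))  # peel double URL-encoding
        if HIGH.search(target):
            findings.append(("high", target))
        elif LOW.search(target):
            findings.append(("low", target))
    return findings


# Constructed access-log lines (combined log format, private addresses).
LOG_LINES = [
    '10.0.0.5 - - [03/Jul/2024:17:21:00 +0000] "GET /prompt?template=Hello%20%7B%7B%20name%20%7D%7D HTTP/1.1" 200 120',
    '10.0.0.9 - - [03/Jul/2024:17:21:03 +0000] "GET /prompt?template=%7B%7B%20self.__init__.__globals__.__builtins__.__import__(%27os%27).popen(%27id%27).read()%20%7D%7D HTTP/1.1" 200 88',
    '10.0.0.9 - - [03/Jul/2024:17:21:04 +0000] "GET /prompt?template=%257B%257B%2520self%257Cattr(%2527__init__%2527)%2520%257D%257D HTTP/1.1" 200 88',
    '10.0.0.7 - - [03/Jul/2024:17:21:05 +0000] "POST /prompt HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    print("unsandboxed executes payload:", unsandboxed_executes_payload())
    print("sandbox blocks payload:", sandbox_blocks_payload())
    print("data path inert:", data_path_is_inert())
    for severity, target in triage_access_log(LOG_LINES):
        print(severity, target)
```

The third log line is double URL-encoded and uses Jinja2's `attr()` filter instead of a dotted `__init__` lookup; a rule that only searches raw request lines for `__` or `{{` misses it, which is why the check decodes twice and keys its high-fidelity tier on traversal tokens rather than on template delimiters. The fourth line is a POST that carries its template in the body, so nothing in the access log can flag it.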