CVE-2023-54345
Frappe Framework ERPNext 13.4.0 Remote Code Execution
Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame introspection. Attackers can create a server script via the /app/server-script endpoint and access the gi_frame attribute to traverse the call stack and invoke os.popen to execute system commands.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Frappe Technologies · Frappe Framework (ERPNext)public PoCs found — 1
cve_referencewww.exploit-db.com/exploits/51580unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://erpnext.orghttps://frappeframework.com/docs/v13/user/en/desk/scripting/server-scripthttps://gist.github.com/lebr0nli/c2fc617390451f0e5a4c31c87d8720b6https://github.com/frappe/frappe/https://github.com/frappe/frappe/blob/v13.4.0/frappe/utils/safe_exec.py#L42https://ur4ndom.dev/posts/2023-07-02-uiuctf-rattler-read/https://www.exploit-db.com/exploits/51580https://www.vulncheck.com/advisories/frappe-framework-erpnext-remote-code-execution