CVE-2025-53927
BaseFortify
Publication date: 2025-07-17
Last updated on: 2025-08-02
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| maxkb | maxkb | to 2.0.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in MaxKB, an open-source AI assistant for enterprise, allows an attacker to bypass sandbox design rules. Prior to version 2.0.0, MaxKB only restricted execution permissions of files in a specific directory. An attacker can exploit this by using Python's shutil.copy2 method to copy a malicious command into the executable directory, thereby bypassing directory restrictions and potentially executing a reverse shell.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute unauthorized commands by bypassing sandbox restrictions. This could lead to unauthorized access, data leakage, or control over the system through a reverse shell, potentially compromising the security and integrity of the affected system.
What immediate steps should I take to mitigate this vulnerability?
Upgrade MaxKB to version 2.0.0 or later, as this version fixes the sandbox bypass issue. Until then, restrict the use of the shutil.copy2 method or monitor and control file execution permissions carefully to prevent attackers from copying and executing malicious commands in the executable directory.