Skip to content
/ CVE-2023-43654 Public

Demo for CVE-2023-43654 - Remote Code Execution in PyTorch TorchServe

License

Apache-2.0 license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

OligoCyberSecurity/CVE-2023-43654

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2023-43654

ShellTorch Logo

ShellTorch is a chain of 3 Critical Vulnerabilities in PyTorch TorchServe - the default inference server of PyTorch. This is an End-to-End POC for an SSRF vulnerability which leads to Arbitrary Remote Code Execution from the network

1. Run TorchServe 0.8.1

docker run -d --rm -it -p 8080:8080 -p 8081:8081 -p 8082:8082 -p 7070:7070 -p 7071:7071 --name shelltorch-demo pytorch/torchserve:0.8.1-cpu

docker logs -f shelltorch-demo

2. Run the ShellTorch-Checker script

This tool is used to check if a given deployment is vulnerable to CVE-2023-43654.

bash <(curl https://raw.githubusercontent.com/OligoCyberSecurity/ShellTorchChecker/main/ShellTorchChecker.sh) "127.0.0.1"

Output:

 _____  _    _ ______ _      _   _______ ____  _____   _____ _    _
/ ____ | |  | |  ____| |    | | |__   __/ __ \|  __ \ / ____| |  | |
| (___ | |__| | |__  | |    | |    | | | |  | | |__) | |    | |__| |
\___  \|  __  |  __| | |    | |    | | | |  | |  _  /| |    |  __  |
____)  | |  | | |____| |____| |____| | | |__| | | \ \| |____| |  | |
|_____/|_|  |_|______|______|______|_|  \____/|_|  \_\______|_|  |_|


This script checks for TorchServe CVE-2023-43654
The vulnerability was found by the Oligo research team and allows for No-Auth RCE
For more details please see our full report at https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654

Disclaimer:
By using this tool, you acknowledge and agree that it is provided "as is" without
warranty of any kind, either express or implied. Oligo and any contributors shall not be held
liable for any direct, indirect, incidental, or consequential damages or false results arising
out of the use, misuse, or reliance on this tool.
You are solely responsible for understanding the output and implications of using this tool
and for any actions taken based on its findings.
Use at your own risk.
...........................................
By continuing running this script I agree that I have read the disclamer and have agreed to it.
Press any key to start scanning, Press Ctrl+C to exit.

torchserve is not running locally.
Scan Results:
  [-] Checking Management Interface API Misconfiguration (port 8081)
    [X] 127.0.0.1:8081 is open to remote connections
  [-] Checking CVE-2023-43654 Remote Server-Side Request Forgery (SSRF)
    [X] Vulnerable to CVE-2023-43654 SSRF file download

Recomendations:
  [-] To resolve Management Interface API Misconfiguration:
      Change "management_address" in config.properties from 0.0.0.0 to 127.0.0.1
      example:
        management_address: http://127.0.0.1:8081
  [-] To resolve CVE-2023-43654 SSRF file download:
      Configure specific urls in the "allowed_urls" field of config.properties.
      example:
        allowed_urls=https://s3.amazonaws.com/.*,https://torchserve.pytorch.org/.*

3. Cleanup

docker kill shelltorch-demo && rm -rf model-store

References:

About

Demo for CVE-2023-43654 - Remote Code Execution in PyTorch TorchServe

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2