google / tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
Apache License 2.0

AI PRP: Arbitrary File Read in h2o-3 API CVE-2023-6038 #443

Closed frkngksl closed 3 months ago

frkngksl commented 3 months ago

I want to develop a plugin for h2o-3 LFI CVE-2023-6038. H2O is an Open Source, Distributed, Fast & Scalable Machine Learning Platform. I think that it should be in the AI PRP scope.

Product Information: H2O is an in-memory platform for distributed, scalable machine learning. H2O uses familiar interfaces like R, Python, Scala, Java, JSON, and the Flow notebook/web interface, and works seamlessly with big data technologies like Hadoop and Spark. H2O provides implementations of many popular algorithms such as Generalized Linear Models (GLM), Gradient Boosting Machines (including XGBoost), Random Forests, Deep Neural Networks, Stacked Ensembles, Naive Bayes, Generalized Additive Models (GAM), Cox Proportional Hazards, K-Means, PCA, Word2Vec, as well as a fully automatic machine learning algorithm (H2O AutoML).

Vulnerability Information: An attacker is able to read any file on the server hosting the H2O dashboard without any authentication.

Vulnerable Versions are 3.40.0.4 and below.

Product Website: https://h2o.ai/

Ref: https://huntr.com/bounties/380fce33-fec5-49d9-a101-12c972125d8c
Ref: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-6038.yaml
Ref: https://nvd.nist.gov/vuln/detail/CVE-2023-6038

The vulnerability requires two HTTP requests: one is a GET and the other one is a POST. After the POST request, we can get any file's content in the response. If you accept it, I want to develop a plugin that tries to read the /etc/shadow content. If you accept this PRP, I can also write this design in detail.

maoning commented 3 months ago

@frkngksl Thanks for the request. As we already have an existing H2O plugin for arbitrary file write which overlaps with this one, we won't move forward with this vulnerability.

frkngksl commented 3 months ago

Sorry for that, I didn't see the existing plugin.