CVE-2024-10252

A vulnerability in langgenius/dify versions <=v0.9.1 allows for code injection via internal SSRF requests in the Dify sandbox service. This vulnerability enables an attacker to execute arbitrary Python code with root privileges within the sandbox environment, potentially leading to the deletion of the entire sandbox service and causing irreversible damage.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/langgenius/dify/commit/4ac99ffe0e1c9f4d7c523908e91bbc7739e0a8d4	Patch
https://huntr.com/bounties/62c6c958-96cb-426c-aebc-c41f06b9d7b0	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:langgenius:dify:*:*:*:*:*:node.js:*:*

History

No history.

Information

Published : 2025-03-20 10:15

Updated : 2025-07-11 20:34

NVD link : CVE-2024-10252

Mitre link : CVE-2024-10252

CVE.ORG link : CVE-2024-10252

JSON object : View

Products Affected

langgenius

dify

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2024-10252", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2025-03-20T10:15:15.360", "references": [{"url": "https://github.com/langgenius/dify/commit/4ac99ffe0e1c9f4d7c523908e91bbc7739e0a8d4", "tags": ["Patch"], "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/62c6c958-96cb-426c-aebc-c41f06b9d7b0", "tags": ["Exploit", "Third Party Advisory"], "source": "security@huntr.dev"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in langgenius/dify versions <=v0.9.1 allows for code injection via internal SSRF requests in the Dify sandbox service. This vulnerability enables an attacker to execute arbitrary Python code with root privileges within the sandbox environment, potentially leading to the deletion of the entire sandbox service and causing irreversible damage."}, {"lang": "es", "value": "Una vulnerabilidad en las versiones de langgenius/dify anteriores a la v0.9.1 permite la inyecci\u00f3n de c\u00f3digo mediante solicitudes SSRF internas en el servicio de la sandbox de Dify. Esta vulnerabilidad permite a un atacante ejecutar c\u00f3digo Python arbitrario con privilegios de root dentro del entorno de la sandbox, lo que podr\u00eda provocar la eliminaci\u00f3n completa del servicio de la sandbox y causar da\u00f1os irreversibles."}], "lastModified": "2025-07-11T20:34:47.203", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:langgenius:dify:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "FF5F727F-CC30-49A2-8B85-E1C15DC43B96", "versionEndIncluding": "0.9.1"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}