MaxKB sandbox bypass_CVE-2025-53927

4.6 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

Description

MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.

Basic Information

ID CVE-2025-53927

Source GitHub_M

Published Jul 17, 2025 at 13:50

Modified Jul 17, 2025 at 19:56

Affected Product

Vendor 1Panel-dev

Product MaxKB

Version < 2.0.0

Affected Versions 1Panel-dev MaxKB < 2.0.0

CWE Classification

CWE-94

References

{
    "lastseen": "",
    "description": "MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.",
    "published": "2025-07-17T13:50:18.268Z",
    "modified": "2025-07-17T19:56:23.111Z",
    "type": "cve",
    "title": "MaxKB sandbox bypass",
    "source": "GitHub_M",
    "references": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4\nhttps://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0",
    "id": "CVE-2025-53927",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "1Panel-dev MaxKB < 2.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.6,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MaxKB",
    "version": "< 2.0.0",
    "vendor": "1Panel-dev",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}