CRITICAL🇵🇱 Wersja polska

CVE-2024-48050

CVSS 9.8v3.1pub. 2024-11-04upd. 2025-09-04

In agentscope <=v0.0.4, the file agentscope\web\workstation\workflow_utils.py has the function is_callable_expression. Within this function, the line result = eval(s) poses a security risk as it can directly execute user-provided commands.

🤖 AI Analysis
How it works

The is_callable_expression function in the workstation module of AgentScope's web application contains a call to result = eval(s), where s originates from the user. The absence of any validation or sandboxing means that any expression passed as input is interpreted and executed by the Python interpreter with the privileges of the server process. The attack requires no authentication, and the vector is network-based, making the vulnerability trivial to exploit remotely.

Impact

An attacker can remotely execute arbitrary code on the server without requiring any permissions, leading to complete system compromise, data exfiltration, and potential lateral movement within the internal network.

Mitigation & patch

AgentScope should be updated to a version higher than v0.0.4, in which the unsecured eval() call has been removed. If an update is not immediately possible, network access to the AgentScope workstation web interface should be blocked at the firewall level and the application should not be deployed in publicly accessible environments.

Who is affected

Modelscope AgentScope in versions <= v0.0.4

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Modelscope Agentscope

    APP
    Modelscope
    ≤ 0.0.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-8487CRITICAL9.8PL ✓ten sam produkt

Błędna konfiguracja CORS w Modelscope AgentScope umożliwia nieautoryzowany dostęp do API

CVE-2024-8537CRITICAL9.1PL ✓ten sam produkt

Path traversal umożliwiający usunięcie dowolnych plików w AgentScope

CVE-2024-8551CRITICAL9.1PL ✓ten sam produkt

Path traversal w AgentScope umożliwia odczyt i zapis plików JSON

CVE-2024-8438HIGH7.5ten sam produkt

A path traversal vulnerability exists in modelscope/agentscope version v.0.0.4. The API endpoint `/api/file` d...

CVE-2024-8501HIGH8.8ten sam produkt

An arbitrary file download vulnerability exists in the rpc_agent_client component of modelscope/agentscope ver...