AI PRP: Command injection in significant-gravitas/autogpt #536
Labels: ai-bounty-prp (Identify an AI bounty plugin), Contributor main (The main issue a contributor is working on, top of the contribution queue)
According to the recent CVE-2024-6091, we can execute arbitrary commands on the popular AutoGPT AI-based application.
Once we run AutoGPT, it opens an HTTP server; if the server is exposed to the public network, attackers can run arbitrary OS commands.
Update: the original PoC: https://huntr.com/bounties/8a742c13-bb5e-4bc9-8b86-049d8a386050