CVE-2024-8953

In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval() function.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c	Exploit
https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c	Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:composio:composio:0.4.3:*:*:*:*:*:*:*

History

01 Apr 2025, 20:30

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.2~~	v2 : unknown v3 : 9.8
References	~~() https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c -~~	() https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c - Exploit
CPE		cpe:2.3:a:composio:composio:0.4.3:::::::*
First Time		Composio Composio composio
CWE		CWE-913

20 Mar 2025, 19:15

Type	Values Removed	Values Added
Summary		(es) En composiohq/composio versión 0.4.3, el endpoint mathematical_calculator utiliza la función eval() no segura para realizar operaciones matemáticas. Esto puede provocar la ejecución de código arbitrario si se pasa una entrada no confiable a la función eval().
References	~~() https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c -~~	() https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c -

20 Mar 2025, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-20 10:15

Updated : 2025-04-01 20:30

NVD link : CVE-2024-8953

Mitre link : CVE-2024-8953

CVE.ORG link : CVE-2024-8953

JSON object : View

Products Affected

composio

composio

CWE

CWE-627

Dynamic Variable Evaluation

CWE-913

Improper Control of Dynamically-Managed Code Resources

{"id": "CVE-2024-8953", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-03-20T10:15:44.843", "references": [{"url": "https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c", "tags": ["Exploit"], "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c", "tags": ["Exploit"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-627"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-913"}]}], "descriptions": [{"lang": "en", "value": "In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval() function."}, {"lang": "es", "value": "En composiohq/composio versi\u00f3n 0.4.3, el endpoint mathematical_calculator utiliza la funci\u00f3n eval() no segura para realizar operaciones matem\u00e1ticas. Esto puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario si se pasa una entrada no confiable a la funci\u00f3n eval()."}], "lastModified": "2025-04-01T20:30:28.420", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:composio:composio:0.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17A3924D-B2D4-467A-935A-CF760AA17B7D"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}

9.8 /10