Plataforma
python
Componente
agpt
Corrigido em
0.1.1
0.2.3
CVE-2026-24780 is a Remote Code Execution (RCE) vulnerability affecting AutoGPT Platform versions up to 0.2.2. This flaw allows authenticated users to execute disabled blocks, potentially leading to arbitrary code execution on the server. A fix is available in version 0.6.44, and users are strongly advised to upgrade immediately.
The vulnerability lies in the block execution endpoints of the AutoGPT Platform, both within the main web API and the external API. The system fails to properly check the disabled flag before executing blocks. An attacker, possessing an authenticated account (either self-registered via Supabase or an existing account), can exploit this to execute the BlockInstallationBlock. This block is designed to write arbitrary Python code to the server's filesystem and then execute it using import(). This effectively grants the attacker remote code execution capabilities, allowing them to compromise the entire server. The potential impact includes data theft, system takeover, and further malicious activity.
CVE-2026-24780 was publicly disclosed on 2026-01-29. There is currently no indication of active exploitation in the wild, but the availability of a public description and the ease of exploitation make it a potential target. The vulnerability has been added to the CISA KEV catalog, indicating a medium probability of exploitation. No public proof-of-concept (PoC) code has been released as of this writing.
Self-hosted AutoGPT Platform deployments are particularly at risk, especially those utilizing Supabase for user authentication. Legacy configurations with disabled user signup and limited access controls are also vulnerable. Shared hosting environments where multiple users share the same server instance face a heightened risk of lateral movement if one account is compromised.
• python: Monitor Python script execution for unexpected or unauthorized code.
Get-Process -Name python | Where-Object {$_.CPU -gt 10} # Check for high CPU usage by Python processes• linux / server: Examine system logs for suspicious Python script execution attempts.
journalctl -u autogpt -g 'python' | grep -i 'import'• generic web: Monitor access logs for requests targeting the vulnerable block execution endpoints. Look for unusual parameters or payloads.
grep -i 'block_id=' /var/log/apache2/access.logdisclosure
Status do Exploit
EPSS
0.10% (percentil 28%)
CISA SSVC
The primary mitigation is to upgrade AutoGPT Platform to version 0.6.44 or later, which addresses this vulnerability. If an immediate upgrade is not feasible due to compatibility issues or breaking changes, consider temporarily disabling the block execution endpoints or restricting access to them. Implement strict authentication and authorization controls to limit the number of users with access to these endpoints. Monitor system logs for suspicious activity, particularly attempts to execute blocks with unusual names or content. While a WAF or proxy rule could be implemented to filter requests to the vulnerable endpoints, this is not a substitute for patching.
Actualice AutoGPT a la versión 0.6.44 o superior. Esta versión corrige la vulnerabilidad de ejecución remota de código al verificar correctamente el estado 'disabled' de los bloques antes de su ejecución. La actualización previene que usuarios autenticados ejecuten código Python arbitrario en el servidor.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2026-24780 is a Remote Code Execution vulnerability in AutoGPT Platform versions up to 0.2.2, allowing authenticated users to execute arbitrary Python code on the server.
You are affected if you are running AutoGPT Platform versions 0.2.2 or earlier. Upgrade to 0.6.44 to resolve the issue.
Upgrade AutoGPT Platform to version 0.6.44 or later. If immediate upgrade is not possible, consider temporary mitigation steps like disabling vulnerable endpoints.
There is currently no confirmed evidence of active exploitation, but the vulnerability's ease of exploitation warrants caution.
Refer to the official AutoGPT Platform security advisories and release notes for details and updates regarding CVE-2026-24780.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.
Envie seu arquivo requirements.txt e descubra na hora se você está afetado.