CVE-2026-33057 describes a Remote Code Execution (RCE) vulnerability discovered in Mesop, a Python-based UI framework. This flaw allows an attacker to execute arbitrary code on the server hosting the application, potentially leading to complete system compromise. The vulnerability affects versions 1.2.2 and earlier, and a fix is available in version 1.2.3.
The impact of CVE-2026-33057 is severe. An attacker can exploit this vulnerability to gain complete control over the server running the Mesop application. This includes the ability to execute arbitrary commands, access sensitive data, install malware, and potentially pivot to other systems on the network. The endpoint's lack of authentication makes the flaw particularly dangerous, as any attacker who can route HTTP requests to the /exec-py endpoint can exploit it. The use of base64-encoded strings further obfuscates the malicious code, potentially evading basic detection mechanisms. This vulnerability shares similarities with other code injection flaws in which untrusted input is executed directly, highlighting the importance of input validation and sanitization.
CVE-2026-33057 was publicly disclosed on 2026-03-20. The vulnerability's simplicity and lack of authentication suggest a high probability of exploitation. While no public proof-of-concept (PoC) has been released at the time of writing, the ease of exploitation makes it a likely candidate for inclusion in exploit databases and automated scanning tools. It is not currently listed on CISA KEV, but its critical severity warrants close monitoring. Active campaigns targeting this vulnerability are possible.
Organizations using Mesop in production environments, particularly those with publicly accessible instances or those lacking robust network security controls, are at significant risk. Development environments and testing instances are also vulnerable. Shared hosting environments where Mesop runs alongside other applications are particularly susceptible, because cross-site scripting or other attacks against co-hosted applications could be used to reach this vulnerability.
• python: Check for the presence of the /exec-py endpoint using curl:
  curl -v http://<mesop_server>/exec-py
• python: Examine the ai/sandbox/wsgi_app.py file for the vulnerable route. Look for code that directly executes base64-encoded strings.
• generic web: Monitor access logs for requests to /exec-py with unusual or suspicious base64-encoded payloads.
• generic web: Implement rate limiting on the /exec-py endpoint to mitigate brute-force attempts.
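The log-monitoring and version checks above, worked through as an added example (this is not code from the advisory or from the Mesop project): it parses constructed access-log lines in the common log format, flags every request whose path is /exec-py, notes whether the query string carries a base64-looking token, and compares an installed version against the advisory's fixed version 1.2.3. The log format and sample lines are assumptions for illustration.

```python
import re
from typing import Dict, List, Optional

# Common/combined access-log format (an assumption; adapt to your server's format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
# A run of at least 16 base64-alphabet characters, optionally padded.
B64_RE = re.compile(r'[A-Za-z0-9+/]{16,}={0,2}')


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return the named fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_exec_py_hit(entry: Dict[str, str]) -> bool:
    """True when the request path (query string ignored) is the /exec-py endpoint."""
    return entry["path"].split("?", 1)[0].rstrip("/") == "/exec-py"


def find_exec_py_hits(lines: List[str]) -> List[Dict[str, str]]:
    """Collect every parsed entry that targets /exec-py, annotated with a base64 flag."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry and is_exec_py_hit(entry):
            _, _, query = entry["path"].partition("?")
            entry["b64_in_query"] = bool(B64_RE.search(query))
            hits.append(entry)
    return hits


def version_is_vulnerable(version: str) -> bool:
    """Affected: 1.2.2 and earlier; fixed in 1.2.3 (per the advisory)."""
    parts = tuple(int(p) for p in version.split(".")[:3])
    return parts < (1, 2, 3)


# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [20/Mar/2026:10:00:01 +0000] "GET /index HTTP/1.1" 200 512',
    '203.0.113.5 - - [20/Mar/2026:10:00:02 +0000] "POST /exec-py HTTP/1.1" 200 64',
    '198.51.100.7 - - [20/Mar/2026:10:00:03 +0000] "GET /exec-py?code=QUJDREVGR0hJSktMTU5PUA== HTTP/1.1" 200 64',
    '198.51.100.7 - - [20/Mar/2026:10:00:04 +0000] "GET /static/app.js HTTP/1.1" 304 0',
]

if __name__ == "__main__":
    for h in find_exec_py_hits(SAMPLE_LOG):
        flag = "base64-in-query" if h["b64_in_query"] else ""
        print(h["ts"], h["ip"], h["method"], h["path"], flag)
```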
EPSS: 0.14% (34th percentile)
The primary mitigation for CVE-2026-33057 is to immediately upgrade Mesop to version 1.2.3 or later. If upgrading is not immediately feasible, consider implementing a temporary workaround by disabling the /exec-py endpoint. This can be achieved by modifying the ai/sandbox/wsgi_app.py file to remove or comment out the vulnerable route. Additionally, implement strict network segmentation to limit access to the Mesop application server. Monitor access logs for suspicious activity, particularly requests targeting the /exec-py endpoint. Consider using a Web Application Firewall (WAF) to block requests containing base64 encoded strings or other potentially malicious payloads. After upgrading, confirm the vulnerability is resolved by attempting to access the /exec-py endpoint and verifying that it returns an error or is inaccessible.
Update Mesop to version 1.2.3 or later. This version fixes the unauthenticated remote code execution vulnerability. The update can be performed with the Python package manager (pip).
CVE-2026-33057 is a CRITICAL Remote Code Execution vulnerability in Mesop versions 1.2.2 and earlier, allowing attackers to execute arbitrary code on the server via an unauthenticated endpoint.
You are affected if you are using Mesop version 1.2.2 or earlier. Upgrade to version 1.2.3 to mitigate the risk.
The recommended fix is to upgrade Mesop to version 1.2.3 or later. As a temporary workaround, disable the /exec-py endpoint.
While no confirmed exploitation is public, the vulnerability's ease of exploitation suggests a high probability of exploitation and warrants immediate attention.
Refer to the Mesop project's official website and GitHub repository for the latest advisory and security updates.