The main()
function uses the eval()
function which can lead to contextual code execution, allowing an attacker to gain access to a system and execute commands with the privileges of the running program by setting NUITKA_PYTHONPATH
, NUITKA_NAMESPACES
or NUITKA_PTH_IMPORTED
to a malicious payload string. This can lead to backdoors, reverse shells or reading/writing to privileged files.
One example of a similar vulnerability is CVE-2022-0845 in the popular pytorch-lightning repository. [See References]
$ export NUITKA_PYTHONPATH='os.system("touch rickroll")'
nuitka/__main__.py
$ ls rickroll
rickroll