15 matches found
Anyscale Ray - Remote Code Execution
Anyscale Ray 2.6.3 and 2.8.0 contain a remote code execution vulnerability due to an insecure job submission API, allowing attackers to execute arbitrary code remotely if they have network access to the Ray Dashboard API. id: CVE-2023-48022 info: name: Anyscale Ray - Remote Code Execution author:...
CVE-2023-48022 vulnerabilities
Vulnerabilities for packages: py3-vllm-cuda-12.4...
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0, is an evolution...
CVE-2023-48022
A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code...
Ray Agent Job RCE
RCE in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication. Module Options msf use exploit/linux/http/rayagentjobrce msf exploitrayagentjobrce show targets ...targets... msf...
Ray Agent Job Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ray Agent Job RCE', 'Description' = %q RCE in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is...
Ray Dashboard Job RCE (CVE-2023-48022)
Binary data rayCVE-2023-48022.nbin...
Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining
Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to...
VulnCheck KEV: CVE-2023-48022
Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment...
Exploit for Server-Side Request Forgery in Anyscale Ray
CVE-2023-48022 CVE-2023-48022 explo...
CVE-2023-48022
creationtimestamp | type | source
---|---|---
2023-12-17 16:42:32+00:00 | seen | https://t.me/ctinow/155636
2024-02-14 12:16:10+00:00 | published-proof-of-concept | https://github.com/google/tsunami-security-scanner-plugins/tree/master/google/detectors/rce/ai/cve202348022
2024-03-27 10:34:26+00:00 | see...
ablator (>=0.0.1b1 <=0.0.1b2), ablator-ken-test (=0.0.1b2) +256 more potentially affected by CVE-2023-48022 via ray (>=0.5.0 <=2.49.2)
ray PYPI version =0.5.0, =0.0.1b1, =0.1.1, =0.0.3, =0.3.1, =0.1.16, =0.1.4, =0.2.1, =1.1.1, =0.1.3, =1.0.11 and more Source cves: CVE-2023-48022 Source advisory: OSV:GHSA-6WGJ-66M2-XXP2...
CVE-2023-48022
This CVE impacts Anyscale Ray versions 2.6.3 and 2.8.0, where the remote code execution (RCE) arises from an insecure job submission API. The vulnerability enables unauthenticated remote code execution if an attacker can reach the Ray Dashboard API over the network, as Ray’s API lacks proper auth...
aana (>=0.2.1 <=0.2.4), abao-ai (=0.0.5) +1083 more potentially affected by CVE-2023-48022 +4 more via ray (>=0.5.0 <=2.8.0)
ray PYPI version =0.5.0, =0.2.1, =0.0.6, =0.0.1b1, =0.1.1, =0.2.0, =0.0.2, =0.1.1, =0.2.0, =0.0.1, =0.0.0, =0.2.11 and more Source cves: CVE-2023-48022, CVE-2023-48023, CVE-2023-6019, CVE-2023-6020, CVE-2023-6021 Source advisory: OSV:GHSA-6CXR-8Q3M-JWRR...
aana (>=0.2.1 <=0.2.4), abao-ai (=0.0.5) +1083 more potentially affected by CVE-2023-48022 +4 more via ray (>=0.5.0 <=2.8.0)
ray PYPI version =0.5.0, =0.2.1, =0.0.6, =0.0.1b1, =0.1.1, =0.2.0, =0.0.2, =0.1.1, =0.2.0, =0.0.1, =0.0.0, =0.2.11 and more Source cves: CVE-2023-48022, CVE-2023-48023, CVE-2023-6019, CVE-2023-6020, CVE-2023-6021 Source advisory: OSV:GHSA-3PWW-QVR8-6MHP...