CVE-2023-54345
Published: 05 May 2026
Summary
CVE-2023-54345 is a high-severity Code Injection (CWE-94) vulnerability in Frappe ERPNext. Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 44.7th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SC-39 (Process Isolation).
Deeper analysis
CVE-2023-54345 is a sandbox escape vulnerability in the RestrictedPython component used by Frappe Framework's ERPNext version 13.4.0. The flaw allows authenticated users with the System Manager role to bypass sandbox restrictions and execute arbitrary code through frame introspection in server scripts.
Attackers with System Manager privileges can exploit this by creating a server script via the /app/server-script endpoint. They access the gi_frame attribute to traverse the call stack and invoke functions such as os.popen, enabling execution of system commands. This results in high-impact confidentiality, integrity, and availability violations, as reflected in the CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and mapped to CWE-94 (Code Injection).
References point to the ERPNext site, Frappe Framework documentation on server scripting, a GitHub gist, the Frappe repository, and the vulnerable safe_exec.py source file at line 42 in v13.4.0, which handles the RestrictedPython execution environment.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-60566
Vulnerability details
Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with the System Manager role to execute arbitrary code by exploiting frame introspection. Attackers can create a server script via the /app/server-script endpoint and access the gi_frame attribute to traverse the call stack and invoke os.popen to execute system commands.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Sandbox escape enables arbitrary Python code execution (T1059.006) via server script injection in a network-accessible ERP application (T1190).
Mitigating Controls (NIST 800-53 r5)
- Directly remediates the sandbox escape flaw in RestrictedPython's safe_exec.py, preventing arbitrary code execution via frame introspection.
- AC-6 (Least Privilege): Enforces least privilege to restrict System Manager role access to the vulnerable /app/server-script endpoint, blocking authenticated exploitation.
- SC-39 (Process Isolation): Implements process isolation mechanisms in the RestrictedPython sandbox to prevent call stack traversal and os.popen invocation from user scripts.
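As a defender-side check that complements the controls above, here is an added audit script for the mechanism the advisory describes (server scripts reaching gi_frame and os.popen). It is not part of this advisory and not Frappe or RestrictedPython code. It assumes the site operator has exported Server Script bodies as plain strings (the SAMPLE_SCRIPTS mapping is constructed) and walks each body's AST for the identifiers the advisory names; the sets FRAME_ATTRS and SHELL_SINKS, the Finding type and the function names are this example's own choices.

```python
"""Audit stored Frappe Server Script bodies for the frame-introspection
primitive this advisory describes (gi_frame) and the shell sink it reaches
(os.popen). Added example; not Frappe or RestrictedPython code."""
from __future__ import annotations

import ast
from dataclasses import dataclass

# Starting blocklist built from the identifiers named in the advisory.
# Operators should extend both sets to match their own review policy.
FRAME_ATTRS = {"gi_frame"}
SHELL_SINKS = {"popen"}


@dataclass(frozen=True)
class Finding:
    script: str   # Server Script name (DocType record name)
    line: int     # 1-based line in the script body
    reason: str


def audit_script(name: str, source: str) -> list[Finding]:
    """Parse one script body and report every suspicious reference.

    Checks attribute access (gen().gi_frame, os.popen), bare names (popen
    imported directly) and string literals (a blocklisted name handed to
    getattr), so a reflective spelling of the same access is not missed.
    """
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        # The script could not run either, but a human should look at why.
        return [Finding(name, exc.lineno or 0, "unparseable source")]

    findings: list[Finding] = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Attribute):
            if node.attr in FRAME_ATTRS:
                findings.append(Finding(name, node.lineno, f"frame introspection via .{node.attr}"))
            elif node.attr in SHELL_SINKS:
                findings.append(Finding(name, node.lineno, f"shell sink .{node.attr}"))
        elif isinstance(node, ast.Name) and node.id in SHELL_SINKS:
            findings.append(Finding(name, node.lineno, f"shell sink {node.id}"))
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            if node.value in FRAME_ATTRS | SHELL_SINKS:
                findings.append(Finding(name, node.lineno, f"string literal {node.value!r}"))
    return findings


def audit_all(scripts: dict[str, str]) -> list[Finding]:
    """Audit a mapping of script name -> body (e.g. rows exported from the
    Server Script DocType) and return findings sorted by script and line."""
    out: list[Finding] = []
    for name, body in scripts.items():
        out.extend(audit_script(name, body))
    return sorted(out, key=lambda f: (f.script, f.line))


# Constructed sample bodies standing in for exported Server Script records.
SAMPLE_SCRIPTS = {
    "Sales Invoice validate": (
        "total = sum(row.amount for row in doc.items)\n"
        "if total != doc.grand_total:\n"
        "    frappe.throw('Total mismatch')\n"
    ),
    "Nightly cleanup": (
        "def gen():\n"
        "    yield\n"
        "frame = gen().gi_frame\n"
    ),
}

if __name__ == "__main__":
    for f in audit_all(SAMPLE_SCRIPTS):
        print(f"{f.script}:{f.line}: {f.reason}")
```

Run it against the scripts exported from a site before and after applying the safe_exec.py fix: any finding is a script that should be reviewed (and the account that saved it checked) rather than left executing. The AST walk deliberately reports string literals as well as direct attribute access, because a sandbox that only filters literal `.gi_frame` spellings can be sidestepped by reflective lookups; the audit is a compensating check, not a replacement for the patched RestrictedPython environment or for restricting who holds the System Manager role.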