Cyber Resilience

CVE-2023-54345

High · Public PoC · RCE

Published: 05 May 2026
Modified: 05 May 2026
CVSS v4 score: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS score: 0.0061 (44.7th percentile)
Risk priority: 55 (floored blend · peak EPSS)

Summary

CVE-2023-54345 is a high-severity Code Injection (CWE-94) vulnerability in Frappe Erpnext. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 44.7th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SC-39 (Process Isolation).

Deeper analysis

CVE-2023-54345 is a sandbox escape vulnerability in the RestrictedPython component used by Frappe Framework's ERPNext version 13.4.0. The flaw allows authenticated users with the System Manager role to bypass sandbox restrictions and execute arbitrary code through frame introspection in server scripts.

Attackers with System Manager privileges can exploit this by creating a server script via the /app/server-script endpoint. They access the gi_frame attribute to traverse the call stack and invoke functions such as os.popen, enabling execution of system commands. This results in high-impact confidentiality, integrity, and availability violations, as reflected in the CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and mapped to CWE-94 (Code Injection).
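The escape described above starts with a script reaching a frame object through an attribute such as gi_frame. One defender-side signal is a static gate that rejects a Server Script at save time if its source touches any frame-introspection attribute; the example below is added here and is not Frappe's or RestrictedPython's code, it does not replace the vendor fix, and the attribute list and sample scripts are constructed for the illustration.

```python
import ast

# Attribute names that expose interpreter frames or their contents. Reaching a
# frame from a restricted script is the first step of the escape the advisory
# describes (gi_frame -> call stack -> host objects), so any access is flagged.
# The list is an assumption for this example, not RestrictedPython's own policy.
FRAME_ATTRS = frozenset({
    "gi_frame", "cr_frame", "ag_frame", "tb_frame",          # frame objects
    "f_back", "f_globals", "f_locals", "f_builtins", "f_code",  # frame contents
})


def find_frame_introspection(source: str):
    """Return sorted (line, attribute) pairs for every frame-introspection
    attribute access in a script body. Raises SyntaxError on unparsable input."""
    tree = ast.parse(source, mode="exec")
    hits = set()
    for node in ast.walk(tree):
        # Direct attribute access: obj.gi_frame
        if isinstance(node, ast.Attribute) and node.attr in FRAME_ATTRS:
            hits.add((node.lineno, node.attr))
        # The same access spelled as a string: getattr(obj, "gi_frame")
        elif (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
              and node.func.id == "getattr" and len(node.args) >= 2
              and isinstance(node.args[1], ast.Constant)
              and node.args[1].value in FRAME_ATTRS):
            hits.add((node.lineno, node.args[1].value))
    return sorted(hits)


def is_script_allowed(source: str) -> bool:
    """Save-time gate: reject on any hit, and reject scripts that do not parse."""
    try:
        return not find_frame_introspection(source)
    except SyntaxError:
        return False


# Constructed samples: an ordinary business-logic script and one that reaches
# for a frame object (the latter is only the first step, not a working escape).
BENIGN = "total = sum(d.amount for d in doc.items)\ndoc.status = 'Done'\n"
SUSPECT = "g = (x for x in range(1))\nfr = g.gi_frame\nouter = getattr(fr, 'f_back')\n"

if __name__ == "__main__":
    for label, src in (("benign", BENIGN), ("suspect", SUSPECT)):
        verdict = "allowed" if is_script_allowed(src) else "rejected"
        print(label, verdict, find_frame_introspection(src))
```

A name-based check is a narrow signal (it misses indirection through string building or intermediate objects), so treat a hit as a reason to reject and audit the author, not as proof the sandbox is otherwise safe.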

References point to the ERPNext site, Frappe Framework documentation on server scripting, a GitHub gist, the Frappe repository, and the vulnerable safe_exec.py source file at line 42 in v13.4.0, which handles the RestrictedPython execution environment.

Vulnerability details

Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with the System Manager role to execute arbitrary code by exploiting frame introspection. Attackers can create a server script via the /app/server-script endpoint and access the gi_frame attribute to traverse the call stack and invoke os.popen to execute system commands.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.006 Python (Execution): Adversaries may abuse Python commands and scripts for execution.
Why these techniques?

Sandbox escape enables arbitrary Python code execution (T1059.006) via server script injection in a network-accessible ERP application (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

Same product (Frappe Erpnext): CVE-2025-66434, CVE-2025-66437, CVE-2026-44446, CVE-2026-44447, CVE-2026-27471, CVE-2026-32954, CVE-2026-44442, CVE-2025-67289, CVE-2026-31017, CVE-2025-65267

Affected Assets

frappe / erpnext 13.4.0

Mitigating Controls (NIST 800-53 r5)

Prevent: Directly remediates the sandbox escape flaw in RestrictedPython's safe_exec.py, preventing arbitrary code execution via frame introspection.

Prevent (AC-6, Least Privilege): Enforces least privilege to restrict System Manager role access to the vulnerable /app/server-script endpoint, blocking authenticated exploitation.

Prevent (SC-39, Process Isolation): Implements process isolation mechanisms in the RestrictedPython sandbox to prevent call stack traversal and os.popen invocation from user scripts.
