CVE-2024-56137
Published: 02 January 2025
Summary
CVE-2024-56137 is a medium-severity OS Command Injection (CWE-78) vulnerability in MaxKB. Its CVSS base score is 6.8 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The CVE ranks in the top 9.3% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
This vulnerability is AI-related: it is categorised under LLM Application Platforms, in the Supply Chain and Deployment risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
MaxKB is an open source knowledge base question-answering system built on large language models and retrieval-augmented generation. Prior to version 1.9.0 it contained a remote command execution flaw in the function library module, tracked as CWE-78, that allowed operating system commands to be run via custom scripts. The vulnerability received a CVSS 3.1 score of 6.8 with the vector AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H.
An attacker must already possess privileged credentials and be able to reach the application over the network. By supplying a malicious script in the function library, the attacker can execute arbitrary operating system commands, fully compromising the confidentiality, integrity, and availability of the affected instance.
The GitHub advisory GHSA-76w2-2g72-cg85 states that the issue is resolved in release 1.9.0. The associated EPSS score has remained flat at 0.0584 with no material increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-52990
Vulnerability details
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerability allows privileged users to execute OS commands in custom scripts. The vulnerability has been fixed in v1.9.0.
- CWE(s)
AI Security Analysis
- AI Category: LLM Application Platforms
- Risk Domain: Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: large language model
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The RCE vulnerability enables privileged users to remotely execute arbitrary OS commands via custom scripts in the function library module, facilitating T1210 (Exploitation of Remote Services) and T1059 (Command and Scripting Interpreter).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Remediating the command injection flaw in MaxKB's function library module by patching to v1.9.0 or later directly prevents privileged users from executing arbitrary OS commands via custom scripts.
Validating inputs to the function library module prevents OS command injection by ensuring custom script parameters do not contain malicious commands.
Enforcing least privilege limits the number of users with access to the vulnerable custom script functionality, reducing the attack surface for exploitation.