CVE-2024-57609
Published: 06 February 2025
Summary
CVE-2024-57609 is a high-severity Code Injection (CWE-94) vulnerability. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 7.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-57609 affects Kanaries Inc Pygwalker versions prior to 0.4.9.9. The flaw resides in the login redirection function, where the redirect_path parameter permits code injection (CWE-94). Unauthenticated remote attackers can leverage it to obtain sensitive information and execute arbitrary code, consistent with the CVSS 8.6 rating reflecting network attack vector, low complexity, and impacts on confidentiality, integrity, and availability.
An attacker needs only network access and can supply a malicious redirect_path value to trigger the injection without authentication or user interaction. Successful exploitation yields sensitive data exposure and the ability to run attacker-controlled code on the affected server.
The provided reference points to a GitHub repository containing further technical details on the issue. Upgrading to Pygwalker 0.4.9.9 or later eliminates the vulnerable redirect handling. The associated EPSS score has remained near 0.1 with only minor fluctuation between its current and peak values.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-53644
Vulnerability details
An issue in Kanaries Inc Pygwalker before v.0.4.9.9 allows a remote attacker to obtain sensitive information and execute arbitrary code via the redirect_path parameter of the login redirection function.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CWE-94 code injection in network-exposed login redirect enables remote arbitrary code execution (T1190) via Python (T1059.006).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates the insufficient sanitization of the redirect_path parameter by requiring validation of all information inputs to prevent code injection.
Addresses the vulnerability by requiring timely flaw remediation through upgrading Pygwalker to version 0.4.9.9 or later where the issue is fixed.
Provides additional protection by restricting the redirect_path parameter to approved safe values, limiting opportunities for code injection.