Zepl Notebook Sandbox Escape

2022.02.17
Credit: Josh Sheppard
Risk: High
Local: Yes
Remote: No
CWE: N/A

Exploit Title: Zepl Notebook - Sandbox Escape Date: 9/28/2021 Vendor Homepage: https://zepl.com/ Software Link: https://app.zepl.com/ Version: Affects all versions of the product up to the date of this submission Tested on: The issue affects all versions of the product up to the date of this submission Exploit Authors: Josh Sheppard & Pathfynder Inc Exploit Contact: ghost a t undervurse dot_com & josh a t pathfynder dot_io Exploit Technique: Remote CVE ID: CVE-2021-42952 1. Description A container escape vulnerability has been discovered in Zepl's Notebooks product. Upon launching Remote Code Execution from the Notebook (CVE-2021-42950), users can then use that to subsequently escape the running context sandbox and proceed to access internal Zepl assets including cloud metadata services resulting in complete compromise of cloud assets. This vulnerability effects all previous versions of their Notebook product suite. 2. Disclosure Timeline 9/28/21 - Discovery and Exploitation 9/28/21 - Vendor Notified 10/31/21 - Patch Applied 2/16/22 - CVE Assigned 2/17/22 - Public Disclosure 3. Mitigation Hotfix applied to vendors SAAS solution, no action is necessary at this time


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top