CVE-2024-8156

moderate-risk
Published 2025-03-20

A command injection vulnerability exists in the workflow-checker.yml workflow of significant-gravitas/autogpt. The untrusted user input `github.head.ref` is used insecurely, allowing an attacker to inject arbitrary commands. This vulnerability affects versions up to and including the latest version. An attacker can exploit this by creating a branch name with a malicious payload and opening a pull request, potentially leading to reverse shell access or theft of sensitive tokens and keys.

Do I need to act?

~
2.6% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Autogpt Classic

Affected Vendors

Agpt

References (3)

Patch https://github.com/significant-gravitas/autogpt/commit/1df7d527dd37dff8363dc162f...
Exploit https://huntr.com/bounties/959efe87-f109-4cef-94d8-90ff2c7aef51
Exploit https://huntr.com/bounties/959efe87-f109-4cef-94d8-90ff2c7aef51
43
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 6/34 · Minimal
Exposure 5/34 · Minimal