CVE-2025-51482 Scanner
CVE-2025-51482 Scanner - Remote Code Execution (RCE) vulnerability in Letta
Short Info
Level
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 20 days 5 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox
Letta is a software product used primarily for conducting automated machine learning tasks. It is widely utilized by data scientists, researchers, and AI developers looking to enhance their predictive models. Letta offers an intuitive interface that enables users to deploy machine learning solutions with minimal effort. It is an open-source platform, supported by a community of developers and contributors. The software supports various machine learning libraries and allows for the integration of custom code. It is often leveraged in educational and research environments to foster innovation in machine learning applications.
The vulnerability in question is a Remote Code Execution (RCE) flaw found in Letta version 0.7.12. This vulnerability allows malicious actors to execute arbitrary Python and OS commands on the affected system. The flaw exists due to insufficient input validation in the POST /v1/tools/run endpoint. It poses a significant risk as it can be exploited remotely without authentication. This makes it a prime target for attackers seeking to gain control over compromised systems. It has been classified as a high-severity vulnerability with a CVSS score of 8.8.
Technically, this vulnerability arises from the mishandling of crafted tool source code sent to the POST /v1/tools/run endpoint. It can be exploited by sending a specially crafted HTTP request that includes unauthorized source code. The flaw is linked to the letta.server.rest_api.routers.v1.tools.run_tool_from_source handler. Because an attacker can embed arbitrary code in the request, exploitation can ultimately lead to full system compromise. The vulnerable parameter is the 'source_code' field in the JSON data sent to the endpoint.
If exploited, this RCE vulnerability could have severe repercussions, such as unauthorized access to sensitive data, full system takeover by attackers, and disruption of machine learning operations. Attackers may leverage the affected system to launch further attacks within the network or to exfiltrate data. It could also result in monetary losses and damage to reputation since critical business processes may be affected. Additionally, it poses a significant threat to data privacy and integrity.
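One way to review reverse-proxy access logs for calls to the POST /v1/tools/run endpoint described above, as an added example that is not part of the original page or of the Letta project. The common/combined log format, the trusted network range and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re

TOOL_RUN_PATH = "/v1/tools/run"  # endpoint named on this page
# Assumption: networks from which tool runs are expected in this deployment.
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/16")]

# Common/combined log format: ip ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalise(target):
    """Drop query string, duplicate and trailing slashes so path variants match."""
    path = re.sub(r"/{2,}", "/", target.split("?", 1)[0])
    return path.rstrip("/") or "/"

def is_trusted(ip_text):
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:  # hostname or garbage in the client field
        return False
    return any(ip in net for net in TRUSTED_NETS)

def find_tool_run_calls(lines):
    """Return one finding per POST to the tool-run endpoint."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if normalise(m["target"]) != TOOL_RUN_PATH:
            continue
        findings.append({"ip": m["ip"], "time": m["ts"],
                         "status": int(m["status"]),
                         "trusted_source": is_trusted(m["ip"])})
    return findings

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '10.20.4.7 - - [12/Aug/2025:09:14:02 +0000] "POST /v1/tools/run HTTP/1.1" 200 512',
    '203.0.113.45 - - [12/Aug/2025:09:15:40 +0000] "POST /v1/tools/run/ HTTP/1.1" 200 388',
    '203.0.113.45 - - [12/Aug/2025:09:15:41 +0000] "GET /v1/tools/run HTTP/1.1" 405 0',
    '198.51.100.9 - - [12/Aug/2025:09:16:03 +0000] "POST /v1//tools/run?x=1 HTTP/1.1" 200 96',
    '10.20.4.7 - - [12/Aug/2025:09:17:20 +0000] "POST /v1/tools HTTP/1.1" 200 64',
]

if __name__ == "__main__":
    for finding in find_tool_run_calls(SAMPLE_LOG):
        print(finding)
```

Findings with `trusted_source` set to False are the ones to triage first, since the page describes the endpoint as reachable remotely without authentication.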