Hi Base44 Security Team,
I am writing to responsibly disclose a critical security vulnerability I discovered within the Base44 agent runtime environment.
Vulnerability Type: Local File Inclusion (LFI) / Information Disclosure
Severity: Critical
Status: Unpatched
Summary: While testing the agent environment, I discovered that it is possible to bypass file-read restrictions to access sensitive system files, specifically /proc/self/environ. This file exposes high-privilege credentials and internal infrastructure details.
Sensitive Data Exposed: Through this vulnerability, I have successfully retrieved:
AWS Secret Access Keys: Providing potential access to S3 buckets (base44-app-archives, base44-app-repositories).
BASE44_SERVICE_TOKEN: A JWT that appears to allow service-level impersonation.
Infrastructure Metadata: Details regarding the gVisor runtime and Oracle Cloud (OCI) deployment in the eu-frankfurt-1 region.
Proof of Concept (PoC): The vulnerability exists in the handling of file uploads/reads within the Gradio-based API. By crafting a multipart form request that points to system paths, the server returns the contents of internal files.
I have attached a truncated log of the leaked environment variables to this email as proof. I have the full logs and the specific script used to reproduce this and can provide them upon request.
Recommendation:
Secret Rotation: Immediately rotate all AWS keys and Service Tokens exposed in the environment.
Path Sanitization: Implement strict validation on all file paths in the gradio_api to prevent traversal (e.g., blocking /proc/, /etc/, and ../).
Principle of Least Privilege: Ensure the containerized process does not run as root and does not have direct access to sensitive environment variables unless absolutely necessary.
I look forward to your confirmation of this report and details regarding your bug bounty process.
Best regards,
Tahir Rasool
LinkedIn: https://www.linkedin.com/in/tahir-rasool-13617a373/
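One way to implement the path-confinement check the report recommends (reject /proc/, /etc/ and ../ and keep every read inside an upload directory), as an added example that is not the reporter's or Base44's code; the upload root path is an assumed value.

```python
import os
from pathlib import Path

# Assumed upload root for this example; a real deployment would use its own
# configured directory.
UPLOAD_ROOT = Path("/srv/app/uploads")

# Prefixes the report recommends denying outright. A denylist alone is weak
# (symlinks, alternate spellings), so it only backs up the containment check.
DENIED_PREFIXES = ("/proc/", "/etc/", "/sys/", "/dev/")


def resolve_safe_path(user_path: str, root: Path = UPLOAD_ROOT) -> Path:
    """Return the canonical path for user_path only if it stays inside root.

    Raises PermissionError otherwise. The check runs on the resolved path
    (symlinks and '..' already collapsed), not on the raw string, so both
    '../' sequences and symlinks that point outside root are caught.
    """
    if "\x00" in user_path:
        raise PermissionError("NUL byte in path")
    root_resolved = root.resolve()
    # Joining an absolute user path replaces root entirely; the containment
    # check below then rejects it, so absolute paths never slip through.
    candidate = (root_resolved / user_path).resolve(strict=False)
    if any(str(candidate).startswith(p) for p in DENIED_PREFIXES):
        raise PermissionError(f"denied prefix: {candidate}")
    try:
        candidate.relative_to(root_resolved)
    except ValueError:
        raise PermissionError(f"path escapes upload root: {candidate}") from None
    return candidate


def is_allowed(user_path: str, root: Path = UPLOAD_ROOT) -> bool:
    """Convenience wrapper for request handlers: True only for confined paths."""
    try:
        resolve_safe_path(user_path, root)
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    for p in ("report.txt", "sub/../report.txt", "../../../proc/self/environ",
              "/proc/self/environ", "/etc/passwd"):
        print(f"{p!r}: {'allowed' if is_allowed(p) else 'rejected'}")
```

In a Gradio handler the user-supplied name goes through `resolve_safe_path` before any `open()`, and the returned `Path` is the only thing ever passed to the filesystem.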
In Review
Feature Request
About 19 hours ago

Tahir Rasool