CVE-2025-3163
InternLM LMDeploy conf.py open code injection
Severity Score
4.8
*CVSS v4
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
A critical vulnerability was identified in InternLM LMDeploy up to 0.7.1. It affects the function Open of the file lmdeploy/docs/en/conf.py. Manipulation with unknown data allows a code injection vulnerability to be exploited. The attack must be carried out locally. The exploit is publicly available.
*Credits:
ybdesire
CVSS Scores
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
* Organization's Worst-case Scenario
Timeline
- 2025-04-03 CVE Reserved
- 2025-04-03 CVE Published
- 2025-04-03 CVE Updated
- 2025-04-03 First Exploit
- 2025-04-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
https://vuldb.com/?id.303109 | Vdb Entry | |
https://vuldb.com/?submit.542527 | Third Party Advisory | |
https://github.com/InternLM/lmdeploy/issues/3254 | Issue Tracking | |

URL | Date | SRC |
---|---|---|
https://github.com/InternLM/lmdeploy/issues/3254#issue-2918865448 | 2025-04-03 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
InternLM | LMDeploy | 0.7.0 | en | Affected |
InternLM | LMDeploy | 0.7.1 | en | Affected |