The vulnerabilities included an unauthenticated management interface API misconfiguration, a remote server-side request forgery bug, and a SnakeYAML deserialization vulnerability. Despite the patches, Oligo's CEO Nadav Czerninski warned that the vulnerabilities could be easily exploited with basic knowledge of TorchServe. Oligo has released a free tool to check for vulnerability to ShellTorch and recommends updating to TorchServe 0.8.2 and changing the management console from the default settings.
Key takeaways:
- Three security issues in TorchServe, an open-source tool for scaling PyTorch machine-learning models, could lead to server takeover and remote code execution (RCE), according to security researchers.
- The issues, dubbed "ShellTorch," have been patched in TorchServe version 0.8.2, released on August 28, and Meta and Amazon have downplayed the flaws.
- Despite the patches, the vulnerabilities can be easily exploited using basic knowledge of TorchServe and its configuration, warns Oligo co-founder and CEO Nadav Czerninski.
- The Oligo team suggests restricting the allowed_urls setting in the config.properties file so that the server only fetches models from trusted domains, and changing the management console from its default settings to prevent remote access.
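As an added example (not Oligo's checker and not part of the original article), the script below reads a TorchServe config.properties and flags the two settings the takeaways point at: a management API bound to a non-loopback address, and an allowed_urls pattern that accepts models from any http(s) host. It assumes the documented TorchServe keys management_address and allowed_urls; the two sample configs are constructed, and the regex check approximates TorchServe's Java matching with Python's re.fullmatch.

```python
import re
from urllib.parse import urlparse

# Constructed sample: an exposed setup, not a config from the article.
WEAK_CONFIG = r"""
inference_address=http://0.0.0.0:8080
management_address=http://0.0.0.0:8081
allowed_urls=file://.*|http(s)?://.*
"""

# Constructed hardened counterpart: management API on loopback only,
# model downloads limited to one trusted domain (placeholder domain).
HARDENED_CONFIG = r"""
inference_address=http://0.0.0.0:8080
management_address=http://127.0.0.1:8081
allowed_urls=https://models\.example\.com/.*
"""

# Defaults as documented by TorchServe; container images may override them.
DEFAULT_MANAGEMENT = "http://127.0.0.1:8081"
DEFAULT_ALLOWED_URLS = r"file://.*|http(s)?://.*"


def parse_properties(text):
    """Minimal key=value parser for config.properties (comments/blank lines skipped)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props


def management_exposed(props):
    """True if the management API listens on anything other than loopback."""
    host = urlparse(props.get("management_address", DEFAULT_MANAGEMENT)).hostname
    return host not in ("127.0.0.1", "localhost", "::1")


def allowed_urls_unrestricted(props):
    """True if an arbitrary https URL matches any comma-separated allowed_urls regex."""
    patterns = props.get("allowed_urls", DEFAULT_ALLOWED_URLS).split(",")
    probe = "https://untrusted.example/model.mar"  # constructed, not a real host
    return any(re.fullmatch(p.strip(), probe) for p in patterns)


def findings(text):
    """Return both checks for one config.properties body."""
    props = parse_properties(text)
    return {"management_exposed": management_exposed(props),
            "allowed_urls_unrestricted": allowed_urls_unrestricted(props)}
```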