CVE-2025-53927 MEDIUM

CVE-2025-53927: MaxKB sandbox bypass

Vendor 1Panel-Dev
Product MaxKB
Weakness CWE-94 · Code injection
Published July 17, 2025
Last update July 17, 2025

CVSS base score

4.6/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.

Key dates

02Disclosure timeline

July 17, 2025 CVE published
July 17, 2025 Record updated