Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-95:Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Weakness ID:95
Version:v4.17
Weakness Name:Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Vulnerability Mapping:Allowed
Abstraction:Variant
Structure:Simple
Status:Incomplete
Likelihood of Exploit:Medium
DetailsContent HistoryObserved CVE ExamplesReports
▼Description

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").

diagram
▼Extended Description

▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
NatureMappingTypeIDName
ChildOfAllowed-with-ReviewB94Improper Control of Generation of Code ('Code Injection')
Nature: ChildOf
Mapping: Allowed-with-Review
Type: Base
ID: 94
Name: Improper Control of Generation of Code ('Code Injection')
▼Memberships
NatureMappingTypeIDName
MemberOfProhibitedC714OWASP Top Ten 2007 Category A3 - Malicious File Execution
MemberOfProhibitedC727OWASP Top Ten 2004 Category A6 - Injection Flaws
MemberOfProhibitedV884CWE Cross-section
MemberOfProhibitedC990SFP Secondary Cluster: Tainted Input to Command
MemberOfProhibitedC1019Validate Inputs
MemberOfProhibitedC1179SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)
MemberOfProhibitedC1347OWASP Top Ten 2021 Category A03:2021 - Injection
MemberOfProhibitedC1409Comprehensive Categorization: Injection
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 714
Name: OWASP Top Ten 2007 Category A3 - Malicious File Execution
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 727
Name: OWASP Top Ten 2004 Category A6 - Injection Flaws
Nature: MemberOf
Mapping: Prohibited
Type:View
ID: 884
Name: CWE Cross-section
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 990
Name: SFP Secondary Cluster: Tainted Input to Command
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1019
Name: Validate Inputs
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1179
Name: SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1347
Name: OWASP Top Ten 2021 Category A03:2021 - Injection
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1409
Name: Comprehensive Categorization: Injection
▼Tags
NatureMappingTypeIDName
MemberOfProhibitedBSBOSS-246Weaknesses in Software Written in Python
MemberOfProhibitedBSBOSS-248Weaknesses in Software Written in JavaScript
MemberOfProhibitedBSBOSS-250Weaknesses in Software Written in Perl
MemberOfProhibitedBSBOSS-252Weaknesses in Software Written in Ruby
MemberOfProhibitedBSBOSS-263Weaknesses in AI/ML
MemberOfProhibitedBSBOSS-273Medium likelihood of exploit
MemberOfProhibitedBSBOSS-279Input Validation Strategy
MemberOfProhibitedBSBOSS-293Interpreted Weaknesses
MemberOfProhibitedBSBOSS-311Execute Unauthorized Code or Commands (impact)
MemberOfProhibitedBSBOSS-316Bypass Protection Mechanism (impact)
MemberOfProhibitedBSBOSS-319Read Files or Directories (impact)
MemberOfProhibitedBSBOSS-322Hide Activities (impact)
MemberOfProhibitedBSBOSS-328Read Application Data (impact)
MemberOfProhibitedBSBOSS-332Gain Privileges or Assume Identity (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-246
Name: Weaknesses in Software Written in Python
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-248
Name: Weaknesses in Software Written in JavaScript
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-250
Name: Weaknesses in Software Written in Perl
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-252
Name: Weaknesses in Software Written in Ruby
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-263
Name: Weaknesses in AI/ML
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-273
Name: Medium likelihood of exploit
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-279
Name: Input Validation Strategy
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-293
Name: Interpreted Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-311
Name: Execute Unauthorized Code or Commands (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-316
Name: Bypass Protection Mechanism (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-319
Name: Read Files or Directories (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-322
Name: Hide Activities (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-328
Name: Read Application Data (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-332
Name: Gain Privileges or Assume Identity (impact)
▼Relevant To View
Relevant to the view"Weaknesses Addressed by the SEI CERT Perl Coding Standard - (1178)"
NatureMappingTypeIDName
MemberOfProhibitedC1179SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1179
Name: SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)
Relevant to the view"Architectural Concepts - (1008)"
NatureMappingTypeIDName
MemberOfProhibitedC1019Validate Inputs
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1019
Name: Validate Inputs
Relevant to the view"OWASP Top Ten (2021) - (1344)"
NatureMappingTypeIDName
MemberOfProhibitedC1347OWASP Top Ten 2021 Category A03:2021 - Injection
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1347
Name: OWASP Top Ten 2021 Category A03:2021 - Injection
Relevant to the view"Software Fault Pattern (SFP) Clusters - (888)"
NatureMappingTypeIDName
MemberOfProhibitedC990SFP Secondary Cluster: Tainted Input to Command
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 990
Name: SFP Secondary Cluster: Tainted Input to Command
▼Background Detail

▼Common Consequences
ScopeLikelihoodImpactNote
ConfidentialityN/ARead Files or DirectoriesRead Application Data

The injected code could access restricted data / files.

Access ControlN/ABypass Protection Mechanism

In some cases, injectable code controls authentication; this may lead to a remote vulnerability.

Access ControlN/AGain Privileges or Assume Identity

Injected code can access resources that the attacker is directly prevented from accessing.

IntegrityConfidentialityAvailabilityOtherN/AExecute Unauthorized Code or Commands

Code injection attacks can lead to loss of data integrity in nearly all cases as the control-plane data injected is always incidental to data recall or writing. Additionally, code injection can often result in the execution of arbitrary code or at least modify what code can be executed.

Non-RepudiationN/AHide Activities

Often the actions performed by injected control code are unlogged.

Scope: Confidentiality
Likelihood: N/A
Impact: Read Files or Directories, Read Application Data
Note:

The injected code could access restricted data / files.

Scope: Access Control
Likelihood: N/A
Impact: Bypass Protection Mechanism
Note:

In some cases, injectable code controls authentication; this may lead to a remote vulnerability.

Scope: Access Control
Likelihood: N/A
Impact: Gain Privileges or Assume Identity
Note:

Injected code can access resources that the attacker is directly prevented from accessing.

Scope: Integrity, Confidentiality, Availability, Other
Likelihood: N/A
Impact: Execute Unauthorized Code or Commands
Note:

Code injection attacks can lead to loss of data integrity in nearly all cases as the control-plane data injected is always incidental to data recall or writing. Additionally, code injection can often result in the execution of arbitrary code or at least modify what code can be executed.

Scope: Non-Repudiation
Likelihood: N/A
Impact: Hide Activities
Note:

Often the actions performed by injected control code are unlogged.

▼Potential Mitigations
Phase:Architecture and Design, Implementation
Mitigation ID:
Strategy:
Effectiveness:
Description:

If possible, refactor your code so that it does not need to use eval() at all.

Note:


Phase:Implementation
Mitigation ID: MIT-5
Strategy: Input Validation
Effectiveness:
Description:

Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."

Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

Note:


Phase:Implementation
Mitigation ID:
Strategy:
Effectiveness:
Description:

Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180, CWE-181). Make sure that your application does not inadvertently decode the same input twice (CWE-174). Such errors could be used to bypass allowlist schemes by introducing dangerous inputs after they have been checked. Use libraries such as the OWASP ESAPI Canonicalization control.

Consider performing repeated canonicalization until your input does not change any more. This will avoid double-decoding and similar scenarios, but it might inadvertently modify inputs that are allowed to contain properly-encoded dangerous content.

Note:


Phase:Implementation
Mitigation ID:
Strategy:
Effectiveness: Discouraged Common Practice
Description:

For Python programs, it is frequently encouraged to use the ast.literal_eval() function instead of eval, since it is intentionally designed to avoid executing code. However, an adversary could still cause excessive memory or stack consumption via deeply nested structures [REF-1372], so the python documentation discourages use of ast.literal_eval() on untrusted data [REF-1373].

Note:

▼Modes Of Introduction
Phase: Implementation
Note:

REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Phase: Implementation
Note:

This weakness is prevalent in handler/dispatch procedures that might want to invoke a large number of functions, or set a large number of variables.

▼Applicable Platforms
Languages
Class: Java(Undetermined Prevalence)
Class: JavaScript(Undetermined Prevalence)
Class: Python(Undetermined Prevalence)
Class: Perl(Undetermined Prevalence)
Class: PHP(Undetermined Prevalence)
Class: Ruby(Undetermined Prevalence)
Class: Interpreted(Undetermined Prevalence)
Technology
Class: AI/ML(Undetermined Prevalence)
▼Demonstrative Examples
Example 1

edit-config.pl: This CGI script is used to modify settings in a configuration file.

Language: ( code)
N/A

Language: Perl(Bad code)
use CGI qw(:standard); sub config_file_add_key { my ($fname, $key, $arg) = @_; # code to add a field/key to a file goes here* } sub config_file_set_key { my ($fname, $key, $arg) = @_; # code to set key to a particular file goes here* } sub config_file_delete_key { my ($fname, $key, $arg) = @_; # code to delete key from a particular file goes here* } sub handleConfigAction { my ($fname, $action) = @_; my $key = param('key'); my $val = param('val'); # this is super-efficient code, especially if you have to invoke* *# any one of dozens of different functions!* my $code = "config_file_$action_key(\$fname, \$key, \$val);"; eval($code);} $configfile = "/home/cwe/config.txt"; print header; if (defined(param('action'))) { handleConfigAction($configfile, param('action')); } else { print "No action specified!\n"; }

Language: ( code)
N/A

The script intends to take the 'action' parameter and invoke one of a variety of functions based on the value of that parameter - config_file_add_key(), config_file_set_key(), or config_file_delete_key(). It could set up a conditional to invoke each function separately, but eval() is a powerful way of doing the same thing in fewer lines of code, especially when a large number of functions or variables are involved. Unfortunately, in this case, the attacker can provide other values in the action parameter, such as:

Language: (Attack code)
add_key(",","); system("/bin/ls");

Language: ( code)
N/A

This would produce the following string in handleConfigAction():

Language: (Result code)
config_file_add_key(",","); system("/bin/ls");

Language: ( code)
N/A

Any arbitrary Perl code could be added after the attacker has "closed off" the construction of the original function call, in order to prevent parsing errors from causing the malicious eval() to fail before the attacker's payload is activated. This particular manipulation would fail after the system() call, because the "_key(\$fname, \$key, \$val)" portion of the string would cause an error, but this is irrelevant to the attack because the payload has already been activated.

Example 2

This simple script asks a user to supply a list of numbers as input and adds them together.

Language: ( code)
N/A

Language: Python(Bad code)
def main(): sum = 0 numbers = eval(input("Enter a space-separated list of numbers: ")) for num in numbers: sum = sum + num print(f"Sum of {numbers} = {sum}") main()

Language: ( code)
N/A

The eval() function can take the user-supplied list and convert it into a Python list object, therefore allowing the programmer to use list comprehension methods to work with the data. However, if code is supplied to the eval() function, it will execute that code. For example, a malicious user could supply the following string:

Language: (Attack code)
__import__('subprocess').getoutput('rm -r *')

Language: ( code)
N/A

This would delete all the files in the current directory. For this reason, it is not recommended to use eval() with untrusted input.

Language: ( code)
N/A

A way to accomplish this without the use of eval() is to apply an integer conversion on the input within a try/except block. If the user-supplied input is not numeric, this will raise a ValueError. By avoiding eval(), there is no opportunity for the input string to be executed as code.

Language: Python(Good code)
def main(): sum = 0 numbers = input("Enter a space-separated list of numbers: ").split(" ") try: for num in numbers: sum = sum + int(num) print(f"Sum of {numbers} = {sum}") except ValueError: print("Error: invalid input") main()

Language: ( code)
N/A

An alternative, commonly-cited mitigation for this kind of weakness is to use the ast.literal_eval() function, since it is intentionally designed to avoid executing code. However, an adversary could still cause excessive memory or stack consumption via deeply nested structures [REF-1372], so the python documentation discourages use of ast.literal_eval() on untrusted data [REF-1373].

▼Observed Examples
ReferenceDescription
CVE-2024-4181
Framework for LLM applications allows eval injection via a crafted response from a hosting provider.
CVE-2022-2054
Python compiler uses eval() to execute malicious strings as Python code.
CVE-2021-22204
Chain: regex in EXIF processor code does not correctly determine where a string ends (CWE-625), enabling eval injection (CWE-95), as exploited in the wild per CISA KEV.
CVE-2021-22205
Chain: backslash followed by a newline can bypass a validation step (CWE-20), leading to eval injection (CWE-95), as exploited in the wild per CISA KEV.
CVE-2008-5071
Eval injection in PHP program.
CVE-2002-1750
Eval injection in Perl program.
CVE-2008-5305
Eval injection in Perl program using an ID that should only contain hyphens and numbers.
CVE-2002-1752
Direct code injection into Perl eval function.
CVE-2002-1753
Eval injection in Perl program.
CVE-2005-1527
Direct code injection into Perl eval function.
CVE-2005-2837
Direct code injection into Perl eval function.
CVE-2005-1921
MFV. code injection into PHP eval statement using nested constructs that should not be nested.
CVE-2005-2498
MFV. code injection into PHP eval statement using nested constructs that should not be nested.
CVE-2005-3302
Code injection into Python eval statement from a field in a formatted file.
CVE-2007-1253
Eval injection in Python program.
CVE-2001-1471
chain: Resultant eval injection. An invalid value prevents initialization of variables, which can be modified by attacker and later injected into PHP eval statement.
CVE-2007-2713
Chain: Execution after redirect triggers eval injection.
Reference: CVE-2024-4181
Description:
Framework for LLM applications allows eval injection via a crafted response from a hosting provider.
Reference: CVE-2022-2054
Description:
Python compiler uses eval() to execute malicious strings as Python code.
Reference: CVE-2021-22204
Description:
Chain: regex in EXIF processor code does not correctly determine where a string ends (CWE-625), enabling eval injection (CWE-95), as exploited in the wild per CISA KEV.
Reference: CVE-2021-22205
Description:
Chain: backslash followed by a newline can bypass a validation step (CWE-20), leading to eval injection (CWE-95), as exploited in the wild per CISA KEV.
Reference: CVE-2008-5071
Description:
Eval injection in PHP program.
Reference: CVE-2002-1750
Description:
Eval injection in Perl program.
Reference: CVE-2008-5305
Description:
Eval injection in Perl program using an ID that should only contain hyphens and numbers.
Reference: CVE-2002-1752
Description:
Direct code injection into Perl eval function.
Reference: CVE-2002-1753
Description:
Eval injection in Perl program.
Reference: CVE-2005-1527
Description:
Direct code injection into Perl eval function.
Reference: CVE-2005-2837
Description:
Direct code injection into Perl eval function.
Reference: CVE-2005-1921
Description:
MFV. code injection into PHP eval statement using nested constructs that should not be nested.
Reference: CVE-2005-2498
Description:
MFV. code injection into PHP eval statement using nested constructs that should not be nested.
Reference: CVE-2005-3302
Description:
Code injection into Python eval statement from a field in a formatted file.
Reference: CVE-2007-1253
Description:
Eval injection in Python program.
Reference: CVE-2001-1471
Description:
chain: Resultant eval injection. An invalid value prevents initialization of variables, which can be modified by attacker and later injected into PHP eval statement.
Reference: CVE-2007-2713
Description:
Chain: Execution after redirect triggers eval injection.
▼Affected Resources
    ▼Functional Areas
      ▼Weakness Ordinalities
      OrdinalityDescription
      Primary
      N/A
      Ordinality: Primary
      Description:
      N/A
      ▼Detection Methods
      Automated Static Analysis
      Detection Method ID:DM-14
      Description:

      Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

      Effectiveness:High
      Note:

      N/A

      ▼Vulnerability Mapping Notes
      Usage:Allowed
      Reason:Acceptable-Use
      Rationale:

      This CWE entry is at the Variant level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.

      Comments:

      Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

      Suggestions:
      ▼Notes
      Other

      Factors: special character errors can play a role in increasing the variety of code that can be injected, although some vulnerabilities do not require special characters at all, e.g. when a single function without arguments can be referenced and a terminator character is not necessary.

      N/A

      ▼Taxonomy Mappings
      Taxonomy NameEntry IDFitEntry Name
      PLOVERN/AN/ADirect Dynamic Code Evaluation ('Eval Injection')
      OWASP Top Ten 2007A3CWE More SpecificMalicious File Execution
      OWASP Top Ten 2004A6CWE More SpecificInjection Flaws
      Software Fault PatternsSFP24N/ATainted input to command
      SEI CERT Perl Coding StandardIDS35-PLExactDo not invoke the eval form with a string argument
      Taxonomy Name: PLOVER
      Entry ID: N/A
      Fit: N/A
      Entry Name: Direct Dynamic Code Evaluation ('Eval Injection')
      Taxonomy Name: OWASP Top Ten 2007
      Entry ID: A3
      Fit: CWE More Specific
      Entry Name: Malicious File Execution
      Taxonomy Name: OWASP Top Ten 2004
      Entry ID: A6
      Fit: CWE More Specific
      Entry Name: Injection Flaws
      Taxonomy Name: Software Fault Patterns
      Entry ID: SFP24
      Fit: N/A
      Entry Name: Tainted input to command
      Taxonomy Name: SEI CERT Perl Coding Standard
      Entry ID: IDS35-PL
      Fit: Exact
      Entry Name: Do not invoke the eval form with a string argument
      ▼Related Attack Patterns
      IDName
      CAPEC-35
      Leverage Executable Code in Non-Executable Files
      ID: CAPEC-35
      Name: Leverage Executable Code in Non-Executable Files
      ▼References
      Reference ID: REF-62
      Title: The Art of Software Security Assessment
      Author: Mark Dowd, John McDonald, Justin Schuh
      Section: Chapter 18, "Inline Evaluation", Page 1095
      Publication:
      Publisher:Addison Wesley
      Edition:1st Edition
      URL:
      URL Date:
      Day:N/A
      Month:N/A
      Year:2006
      Reference ID: REF-1372
      Title: How ast.literal_eval can cause memory exhaustion
      Author:
      Section:
      Publication:
      Publisher:Reddit
      Edition:
      URL:https://www.reddit.com/r/learnpython/comments/zmbhcf/how_astliteral_eval_can_cause_memory_exhaustion/
      URL Date:2023-11-03
      Day:14
      Month:12
      Year:2022
      Reference ID: REF-1373
      Title: ast - Abstract Syntax Trees
      Author:
      Section: ast.literal_eval(node_or_string)
      Publication:
      Publisher:Python
      Edition:
      URL:https://docs.python.org/3/library/ast.html#ast.literal_eval
      URL Date:2023-11-03
      Day:02
      Month:11
      Year:2023
      Details not found