CrewAI Vulnerabilities Expose Devices to Hacking - SecurityIT

1.0SecurityIT | Cyber Security Consultinghttps://www.show.it/en/SecurityIThttps://www.show.it/en/author/securityit/CrewAI Vulnerabilities Expose Devices to Hacking - SecurityIT | Cyber Security Consultingrich600338<blockquote class="wp-embedded-content" data-secret="0OqrrlayUV"><a href="https://www.show.it/en/crewai-vulnerabilities-expose-devices-to-hacking/">CrewAI Vulnerabilities Expose Devices to Hacking</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://www.show.it/en/crewai-vulnerabilities-expose-devices-to-hacking/embed/#?secret=0OqrrlayUV" width="600" height="338" title="“CrewAI Vulnerabilities Expose Devices to Hacking” — SecurityIT | Cyber Security Consulting" data-secret="0OqrrlayUV" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script> /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); //# sourceURL=https://www.show.it/wp-includes/js/wp-embed.min.js </script> Attackers can exploit the bugs through prompt injection, chaining them together to escape the sandbox and execute arbitrary code. The post CrewAI Vulnerabilities Expose Devices to Hacking appeared first on SecurityWeek.