2 research outputs found
Demystifying RCE Vulnerabilities in LLM-Integrated Apps
In recent years, Large Language Models (LLMs) have demonstrated remarkable
potential across various downstream tasks. LLM-integrated frameworks, which
serve as the essential infrastructure, have given rise to many LLM-integrated
web apps. However, some of these frameworks suffer from Remote Code Execution
(RCE) vulnerabilities, allowing attackers to execute arbitrary code on apps'
servers remotely via prompt injections. Despite the severity of these
vulnerabilities, no existing work has been conducted for a systematic
investigation of them. This leaves a great challenge on how to detect
vulnerabilities in frameworks as well as LLM-integrated apps in real-world
scenarios.
To fill this gap, we present two novel strategies, including 1) a static
analysis-based tool called LLMSmith to scan the source code of the framework to
detect potential RCE vulnerabilities and 2) a prompt-based automated testing
approach to verify the vulnerability in LLM-integrated web apps. We discovered
13 vulnerabilities in 6 frameworks, including 12 RCE vulnerabilities and 1
arbitrary file read/write vulnerability. 11 of them are confirmed by the
framework developers, resulting in the assignment of 7 CVE IDs. After testing
51 apps, we found vulnerabilities in 17 apps, 16 of which are vulnerable to RCE
and 1 to SQL injection. We responsibly reported all 17 issues to the
corresponding developers and received acknowledgments. Furthermore, we amplify
the attack impact beyond achieving RCE by allowing attackers to exploit other
app users (e.g. app responses hijacking, user API key leakage) without direct
interaction between the attacker and the victim. Lastly, we propose some
mitigating strategies for improving the security awareness of both framework
and app developers, helping them to mitigate these risks effectively
The Reactive Sites of Methane Activation: A Comparison of IrC3+ with PtC3+
The activation reactions of methane mediated by metal carbide ions MC3+ (M = Ir and Pt) were comparatively studied at room temperature using the techniques of mass spectrometry in conjunction with theoretical calculations. MC3+ (M = Ir and Pt) ions reacted with CH4 at room temperature forming MC2H2+/C2H2 and MC4H2+/H2 as the major products for both systems. Besides that, PtC3+ could abstract a hydrogen atom from CH4 to generate PtC3H+/CH3, while IrC3+ could not. Quantum chemical calculations showed that the MC3+ (M = Ir and Pt) ions have a linear M-C-C-C structure. The first C–H activation took place on the Ir atom for IrC3+. The terminal carbon atom was the reactive site for the first C–H bond activation of PtC3+, which was beneficial to generate PtC3H+/CH3. The orbitals of the different metal influence the selection of the reactive sites for methane activation, which results in the different reaction channels. This study investigates the molecular-level mechanisms of the reactive sites of methane activation