# OS Command Injection

## Description
A `subprocess` function (`subprocess.run`, `subprocess.Popen`, `subprocess.call` and similar) is called with `shell=True`, which can lead to OS command injection attacks. The command string is handed to a shell process rather than executed directly, so the shell interprets metacharacters such as `;`, `|`, `&&` and `$(...)`, and the current shell settings and variables propagate into the child process. Any untrusted input concatenated into the command string can therefore be turned into additional commands by a malicious actor.
## Examples

### Insecure Code

```python
import subprocess

# Flagged by this rule: the string is passed to /bin/sh, which parses it
# as shell syntax before anything is executed.
subprocess.run('ls -l', shell=True)
```

### Secure Code

```python
import subprocess

# Argument list, shell left at its default of False: each element reaches
# the program as one literal argument and no shell parsing takes place.
subprocess.run(['ls', '-l'])
```

## Remediation
Pass the command as a list of arguments and leave `shell` at its default of `False` when calling `subprocess` functions, so that untrusted input reaches the program as a single literal argument instead of being parsed by a shell. Where a shell is genuinely required (pipes, globbing), quote every untrusted fragment with `shlex.quote` and, where possible, validate it against an allowlist. Note that `shell=False` does not prevent argument (option) injection; pass `--` before untrusted positional arguments when the program supports it.
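The following added example (not part of the rule's own documentation) puts the flagged pattern next to its two remediations: an argument list with `--` before the untrusted positional, and, for the case where a shell is unavoidable, `shlex.quote` on the untrusted fragment. The file name `HOSTILE_NAME` and the helper `demo_dir` are constructed for the demonstration; the example assumes a POSIX host with `ls` available.

```python
import shlex
import subprocess
import tempfile
from pathlib import Path

# Constructed for this example: an attacker-controlled "file name" that
# carries a shell metacharacter followed by a second command.
HOSTILE_NAME = "; echo INJECTED"


def list_dir_insecure(name: str) -> str:
    """The pattern the rule flags: untrusted input interpolated into a shell string."""
    # With shell=True the whole string goes to /bin/sh, which splits it on ';'
    # and runs 'echo INJECTED' as a separate command.
    result = subprocess.run(
        f"ls -l {name}", shell=True, capture_output=True, text=True
    )
    return result.stdout


def list_dir_secure(name: str) -> subprocess.CompletedProcess:
    """Remediation: argv list, no shell; '--' stops option injection as well."""
    # 'name' is delivered to ls as one literal argument. A value such as
    # "; echo INJECTED" is simply a file that does not exist.
    return subprocess.run(
        ["ls", "-l", "--", name], capture_output=True, text=True
    )


def list_dir_shell_quoted(name: str) -> subprocess.CompletedProcess:
    """When a shell is genuinely needed, quote each untrusted fragment."""
    # shlex.quote wraps the value in single quotes (escaping any embedded
    # quote), so the shell treats the whole value as a single word.
    return subprocess.run(
        f"ls -l -- {shlex.quote(name)}", shell=True, capture_output=True, text=True
    )


def demo_dir() -> str:
    """Constructed fixture: a temporary directory holding one file, report.txt."""
    directory = Path(tempfile.mkdtemp())
    (directory / "report.txt").write_text("quarterly numbers\n")
    return str(directory / "report.txt")


if __name__ == "__main__":
    target = demo_dir()
    print("secure, benign input:", list_dir_secure(target).stdout.strip())
    hostile = list_dir_secure(HOSTILE_NAME)
    print("secure, hostile input -> exit", hostile.returncode,
          "| INJECTED in output:", "INJECTED" in hostile.stdout)
    print("insecure, hostile input -> INJECTED in output:",
          "INJECTED" in list_dir_insecure(HOSTILE_NAME))
```

Running the module shows the same hostile value producing an extra command under `shell=True` and only a "No such file" error under the argument-list and quoted forms; that difference is what the rule is detecting.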
## Rule Details
| Field | Value |
|---|---|
| ID | CODE-0151 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-78 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | os-command-injection, shell-injection |
| OWASP | A1:2017-Injection, A03:2021-Injection |