Critical SandboxJS Flaw Allows Remote Code Execution, CVE-2026-25881 Patched in Update 0.8.31

Critical SandboxJS Vulnerability Exposes Systems to Remote Code Execution

A significant security flaw has been identified in the JavaScript library SandboxJS, potentially allowing attackers to execute arbitrary code on host systems. This vulnerability, designated as CVE-2026-25881 with a critical CVSS score of 8.3 out of 10, affects all versions up to 0.8.30. The issue has been addressed in version 0.8.31.

Understanding the Vulnerability

SandboxJS is designed to securely execute untrusted JavaScript code by isolating it from the host environment. It employs an `isGlobal` flag to prevent sandboxed code from modifying host system objects. However, researchers discovered that when global prototype references, such as `Map.prototype` or `Set.prototype`, are placed into an array and subsequently retrieved, the protective `isGlobal` flag is stripped away. This oversight enables a process known as prototype pollution, allowing attackers to permanently alter core JavaScript objects.

Technical Breakdown of the Exploit

The exploitation process involves several steps:

1. Array Creation: The attacker creates an array containing a reference to a global prototype, such as `Map.prototype`.

2. Reference Extraction: Retrieving the prototype reference from the array causes the `isGlobal` protection flag to be lost due to the way SandboxJS handles array operations.

3. Prototype Modification: With the protection flag removed, the attacker can add malicious properties or override existing ones on the prototype. For example, injecting a `cmd` property with a value like `'id'`.

4. Host Code Execution: When the host application later utilizes the polluted prototype in sensitive operations, such as executing system commands, the injected malicious code is executed.

Demonstration of the Exploit

Security researcher k14uz has released exploit code demonstrating multiple attack scenarios. One proof-of-concept shows how sandboxed code can add a polluted property to the `Map` prototype, which then appears in all new `Map` objects created by the host. More advanced demonstrations include overwriting built-in functions and executing system commands like `id` to reveal user information.

Implications for Applications Using SandboxJS

Any application utilizing SandboxJS to run untrusted JavaScript code is susceptible to this vulnerability. Attackers can break sandbox isolation, manipulate host execution flow, and potentially gain full system access, depending on how the host application processes the polluted properties. This vulnerability underscores the challenges of creating secure JavaScript sandboxes and highlights the importance of defense-in-depth strategies when handling untrusted code.

Recommended Mitigation Measures

Developers and security teams are urged to take the following actions:

– Immediate Upgrade: Update SandboxJS to version 0.8.31, which preserves protection flags across array operations and blocks writes to built-in prototypes.

– Freeze Built-in Prototypes: As an additional defense, freeze built-in prototypes before executing untrusted code to prevent unauthorized modifications.

– Audit Applications: Review applications for sensitive operations that might use user-controlled object properties and ensure they are safeguarded against prototype pollution.
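The following host-side hardening is an added example, not SandboxJS's own code: it snapshots built-in prototypes so an injected key like `cmd` can be detected, freezes the prototypes before untrusted code runs, and reads only own properties when host logic consults user-influenced objects. The prototype list and helper names are this example's own choices.

```javascript
// Built-in prototypes the host freezes before any untrusted code runs
// (assumed list for this example; extend it to match your host).
const BUILTIN_PROTOTYPES = [
  ['Object.prototype', Object.prototype],
  ['Array.prototype', Array.prototype],
  ['Map.prototype', Map.prototype],
  ['Set.prototype', Set.prototype],
];

// Record each prototype's own keys (strings and symbols) as a baseline
// taken before any sandboxed code has executed.
function snapshotPrototypes(protos = BUILTIN_PROTOTYPES) {
  return protos.map(([name, proto]) => ({
    name, proto, keys: new Set(Reflect.ownKeys(proto)),
  }));
}

// Report keys present now that were absent from the baseline,
// e.g. "Map.prototype.cmd" after the pollution described above.
function findPollutedKeys(snapshot) {
  const found = [];
  for (const { name, proto, keys } of snapshot) {
    for (const key of Reflect.ownKeys(proto)) {
      if (!keys.has(key)) found.push(`${name}.${String(key)}`);
    }
  }
  return found;
}

// Freeze the prototypes; returns true only if every one is now frozen.
function freezeBuiltinPrototypes(protos = BUILTIN_PROTOTYPES) {
  for (const [, proto] of protos) Object.freeze(proto);
  return protos.every(([, proto]) => Object.isFrozen(proto));
}

// Reflect.set reports a rejected write as false regardless of strict mode,
// so this returns true when the (frozen) prototype refused the write.
function isPrototypeWriteBlocked(proto, key, value) {
  return !Reflect.set(proto, key, value);
}

// Host code that consults user-influenced objects should read own
// properties only, so nothing inherited from a polluted prototype is used.
function readOwn(obj, key) {
  return Object.prototype.hasOwnProperty.call(obj, key) ? obj[key] : undefined;
}
```

Take the snapshot and freeze at process start, before the first untrusted script, and run `findPollutedKeys` as a periodic integrity check.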

Conclusion

The discovery of CVE-2026-25881 in SandboxJS serves as a critical reminder of the complexities involved in securely executing untrusted code. By promptly updating to the patched version and implementing recommended security practices, developers can protect their applications from potential exploitation.