The AutoGPT library’s shell command denylist feature is ineffective. Despite setting a denylist to prevent the execution of the “whoami” command, it can be easily bypassed.  The report demonstrates that by creating a symbolic link to the “whoami” command with a different name, the denylist can be circumvented, which highlights the limitations of the current … Continue reading Critical AutoGPT Vulnerability Allows Hackers to Access Servers