A critical remote code execution vulnerability in the manga-image-translator API allows attackers to compromise the host container by sending malicious pickle payloads.

The application uses pickle.loads() to deserialize attacker-controlled HTTP request bodies in the /execute/{method_name} and /simple_execute/{method_name} endpoints. An unauthenticated attacker can leverage this to execute arbitrary code within the server process, often resulting in full container compromise.

The CVSS score of 9.8 underscores the extreme danger of this vulnerability. Successful exploitation permits an attacker to gain full control over the container, which, if running with elevated privileges (root), could lead to complete host system compromise and lateral movement within the network.

Immediate Action: Update the application to the latest version provided by the vendor, which should remove reliance on insecure pickle deserialization.

Proactive Monitoring: Monitor network traffic for anomalous payloads directed at the /execute/ or /simple_execute/ endpoints and inspect container process logs for signs of arbitrary command execution.

Compensating Controls: Place the API behind a robust authentication gateway and use a WAF to filter out requests containing serialized Python object patterns or other suspicious binary data.

Public Exploit Available: No data available.

The use of insecure deserialization is a high-risk practice that must be remediated immediately. Organizations must update their deployment and ensure that the application is not running with unnecessary root privileges to limit the blast radius of potential exploits.