CVE-2026-25873
OmniGen2-RL · Reward Server
The OmniGen2-RL reward server contains an unauthenticated remote code execution (RCE) vulnerability due to insecure pickle deserialization of HTTP POST request bodies.
Executive summary
An unauthenticated RCE vulnerability in the OmniGen2-RL reward server allows any remote attacker who can reach the server's port to execute arbitrary commands on the host by sending a crafted HTTP POST request whose body is a malicious pickle stream.
Vulnerability
The reward server component deserializes HTTP POST request bodies with the Python pickle module. pickle is not a data format: loading a stream resolves and calls whatever callables the stream names (GLOBAL, STACK_GLOBAL and REDUCE opcodes), so unpickling attacker-controlled bytes is code execution by design rather than a parser bug. Because no authentication is enforced before the body is unpickled, any remote attacker who can reach the listening port can send a crafted HTTP POST request containing a malicious pickle payload and run arbitrary code with the privileges of the server process.
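The snippet below, added here as an illustration and not taken from OmniGen2-RL, contrasts the vulnerable handler shape (pickle.loads on the raw body, with a harmless __reduce__ payload proving that loading runs a callable) with a JSON handler validated against an explicit schema, plus a restricted Unpickler as a stopgap when the wire format cannot change yet. The field names prompt and images, the size limit and the allow-list are assumptions, not the server's real request format.

```python
import io
import json
import os
import pickle

# ---- Vulnerable pattern: the class of bug this advisory describes ----
# Illustrative only; not OmniGen2-RL's code.
def vulnerable_parse(body: bytes):
    # pickle.loads is not a parser: it executes the stream. Any GLOBAL/REDUCE
    # opcodes in an attacker-supplied body resolve and call arbitrary callables.
    return pickle.loads(body)


class CallsOnLoad:
    """Object whose pickle stream invokes a callable when loaded.

    __reduce__ tells pickle "rebuild me by calling os.getcwd()". A real payload
    would name something like os.system instead; getcwd keeps the demo harmless.
    """
    def __reduce__(self):
        return (os.getcwd, ())


def demo_payload() -> bytes:
    return pickle.dumps(CallsOnLoad())


def demo_vulnerable_runs_callable() -> bool:
    # loads() does not hand back a CallsOnLoad: it returns whatever the embedded
    # callable returned, which proves the callable ran inside pickle.loads.
    return vulnerable_parse(demo_payload()) == os.getcwd()


# ---- Hardened replacement: JSON checked against an explicit schema ----
class BadRequest(ValueError):
    pass


# Hypothetical schema for a reward request; the real field names are unknown.
REQUIRED_FIELDS = {"prompt": str, "images": list}
MAX_BODY = 1 << 20  # 1 MiB; assumed limit, size it to the real payloads


def safe_parse(body: bytes) -> dict:
    if len(body) > MAX_BODY:
        raise BadRequest("body too large")
    # Fast reject: every pickle stream of protocol >= 2 starts with PROTO (0x80),
    # a byte that can never begin valid JSON.
    if body[:1] == b"\x80":
        raise BadRequest("pickle stream rejected")
    try:
        obj = json.loads(body.decode("utf-8"))
    except (UnicodeDecodeError, ValueError) as exc:  # JSONDecodeError is a ValueError
        raise BadRequest(f"invalid JSON: {exc}") from None
    if not isinstance(obj, dict):
        raise BadRequest("top-level value must be an object")
    for name, typ in REQUIRED_FIELDS.items():
        if not isinstance(obj.get(name), typ):
            raise BadRequest(f"field {name!r} missing or wrong type")
    return obj


def rejects(body: bytes) -> bool:
    try:
        safe_parse(body)
    except BadRequest:
        return True
    return False


# ---- Stopgap if pickle cannot be removed yet: allow-list the globals ----
# This only blocks callables that are not on the list; it is not a substitute
# for taking pickle off an unauthenticated interface.
ALLOWED_GLOBALS = {("builtins", "set"), ("builtins", "frozenset")}  # assumed


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def restricted_loads(body: bytes):
    return RestrictedUnpickler(io.BytesIO(body)).load()


def restricted_rejects(body: bytes) -> bool:
    try:
        restricted_loads(body)
    except pickle.UnpicklingError:
        return True
    return False


def plain_pickle(obj) -> bytes:
    # Data-only pickle (no globals), used to show the allow-list still loads it.
    return pickle.dumps(obj)


if __name__ == "__main__":
    print("vulnerable loads ran the callable:", demo_vulnerable_runs_callable())
    print("JSON handler rejects the payload:", rejects(demo_payload()))
    print("restricted unpickler rejects the payload:", restricted_rejects(demo_payload()))
```

Note that the PROTO check in safe_parse is only a cheap early exit; the real protection is that json.loads never executes anything, and the schema loop rejects shapes the server does not expect.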
Business impact
This vulnerability is critical, as evidenced by its CVSS score of 9.8. It permits complete system takeover by an unauthenticated remote attacker: arbitrary commands run with the privileges of the reward-server process. The business impact includes the potential for total data loss, deployment of ransomware, and the use of the compromised server as a pivot point for further internal network attacks.
Remediation
Immediate Action: Update the OmniGen2-RL reward server to the latest version immediately. If the reward server does not need to be reachable from outside the training environment, bind it to a local interface or block its port at the network boundary until the update is in place.
Proactive Monitoring: Inspect HTTP POST traffic to the reward server for bodies that are pickle streams rather than the expected format (streams of protocol 2 and later begin with the PROTO byte 0x80; any stream carrying GLOBAL, STACK_GLOBAL or REDUCE opcodes names callables and has no place in a data-only request). On the host, monitor the reward-server process for unexpected child processes, such as shells spawned by the Python interpreter, and for outbound connections it does not normally make.
Compensating Controls: Place the reward server behind a firewall and restrict access to specific, trusted IP addresses. Replace pickle-based communication with a data-only format such as JSON, validated against an explicit schema. Where pickle cannot be removed immediately, load with a restricted Unpickler whose find_class allow-lists only the classes the protocol legitimately needs; treat that as a stopgap rather than a fix, since the unpickler is still exposed to untrusted input.
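The scanner below is an added example for the monitoring step, not part of the advisory or of OmniGen2-RL. It walks each captured POST body's opcode stream with pickletools, never unpickling anything, and reports which callables the stream names. The sample requests, the /reward path and the Host header are constructed for the demo; the protocol-0 sample has the same GLOBAL+REDUCE shape as in-the-wild os.system payloads but names the harmless posix.getcwd.

```python
import os
import pickle
import pickletools

# Opcodes that resolve or invoke callables. A data-only stream (dicts, lists,
# strings, numbers) never needs any of them.
CALLABLE_OPS = {"GLOBAL", "STACK_GLOBAL", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX",
                "REDUCE", "BUILD"}
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE", "BINUNICODE",
              "SHORT_BINUNICODE", "BINUNICODE8"}


def classify_body(body: bytes) -> tuple[str, list[str]]:
    """Classify a request body by walking its opcodes; nothing is ever loaded.

    Verdicts: "not_pickle", "pickle_data_only", "pickle_with_callables".
    """
    findings: list[str] = []
    recent: list[str] = []  # last two string constants: STACK_GLOBAL's operands
    try:
        for op, arg, pos in pickletools.genops(body):
            if op.name in STRING_OPS:
                recent = (recent + [str(arg)])[-2:]
            elif op.name == "GLOBAL":
                # pickletools reports the operand as "module name"
                findings.append(f"offset {pos}: GLOBAL {arg.replace(' ', '.')}")
            elif op.name == "STACK_GLOBAL":
                findings.append(f"offset {pos}: STACK_GLOBAL {'.'.join(recent)}")
            elif op.name in CALLABLE_OPS:
                findings.append(f"offset {pos}: {op.name}")
    except Exception:
        # genops stopped before STOP: unknown opcode byte or truncated stream.
        # A body that is not pickle at all (JSON, text) usually dies at offset 0;
        # a truncated stream that already named a callable still deserves an alert.
        # Caveat: free text whose bytes happen to decode as opcodes can trip this;
        # gate on Content-Type or the PROTO header if that noise matters.
        if not findings:
            return "not_pickle", []
        findings.append("stream truncated or malformed")
    if findings:
        return "pickle_with_callables", findings
    return "pickle_data_only", []


def body_of(raw_request: bytes) -> bytes:
    """Split a raw HTTP/1.1 request at the blank line and return the body."""
    _head, _sep, body = raw_request.partition(b"\r\n\r\n")
    return body


def scan_requests(requests: dict[str, bytes]) -> dict[str, str]:
    """Map each captured request label to its verdict."""
    return {label: classify_body(body_of(raw))[0] for label, raw in requests.items()}


# ---- Constructed sample traffic (not captured from any real deployment) ----
def _post(body: bytes, content_type: str) -> bytes:
    # "/reward" and the Host value are assumptions made for the demo.
    head = (f"POST /reward HTTP/1.1\r\nHost: reward.internal\r\n"
            f"Content-Type: {content_type}\r\nContent-Length: {len(body)}\r\n\r\n")
    return head.encode() + body


SAMPLES = {
    "legit_json": _post(b'{"prompt": "a cat", "images": ["a.png"]}', "application/json"),
    # A pickled dict: a pickle stream, but one that names no callables.
    "benign_pickle": _post(pickle.dumps({"prompt": "a cat", "score": 0.5}),
                           "application/octet-stream"),
    # Pickling a function emits STACK_GLOBAL for it (posix.getcwd on Linux).
    "global_proto4": _post(pickle.dumps(os.getcwd), "application/octet-stream"),
    # Protocol-0 shape of the classic GLOBAL+REDUCE payload, naming a harmless
    # function instead of os.system. Never unpickle captured bodies to classify them.
    "global_proto0": _post(b"cposix\ngetcwd\n(tR.", "application/octet-stream"),
}


if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        verdict, findings = classify_body(body_of(raw))
        print(f"{label:14s} {verdict:22s} {findings}")
```

Because the reward server's legitimate requests should never need a callable, "pickle_with_callables" is a high-confidence alert, while "pickle_data_only" is worth logging only until the endpoint has moved off pickle entirely.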
Exploitation status
Public Exploit Available: false
Analyst recommendation
Immediate patching is required. The ability for an unauthenticated attacker to execute code remotely represents the highest possible risk tier. Organizations should isolate the affected service until the patch is verified and applied.