
Code Executor Sandbox Escape

Disclosure for Code Executor Sandbox Escape

Retool’s security team has become aware of a sandbox escape in self-hosted deployments of Retool that do not have a corresponding code executor deployment. If you do not have a code executor container running, Workflows and Custom API Authentication will be disabled in versions 3.251.0 and later.

Am I affected?

All self-hosted deployments of Retool without a code executor deployment are vulnerable.

What is a sandbox (escape)?

A sandbox is a mechanism that isolates untrusted code so that it cannot interact with other untrusted code or with the host system. A sandbox escape is an exploit that allows the untrusted code to break out of the sandbox and access the host system.

Prior to version 3.251.0, Retool ran certain code in the backend container when a code executor deployment was not available. Retool uses a sandbox to prevent such code from accessing sensitive data and systems on the backend container. This exploit could therefore allow somebody with the relevant permissions to execute arbitrary code directly on the backend server, giving them escalated access such as reading your encryption key.

What are the permissions required for this exploit?

In order to write an exploit that escapes the sandbox, a user would need to be authenticated in your Retool instance and have permissions to either edit workflows or to create new resources.

What mitigations are available?

To mitigate this issue, Retool recommends that you set up a code executor deployment as soon as possible. A separate code executor deployment is the only secure way to continue running backend execution of code.

Beginning in version 3.251.0, backend execution of code is disabled by default. This affects the following functionality in deployments without a code executor container:

  1. Workflows
  2. Custom API Authentication
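The following is an added example, not Retool’s own code or tooling, that turns the advisory’s two conditions (Retool version and presence of a code executor container) into a quick inventory check an operator can run against each self-hosted instance. It assumes the operator supplies the backend version string and the output of `docker ps --format '{{.Image}}\t{{.Names}}'`; the image name is matched on the substring `code-executor`, which is an assumption here and should be checked against the image name used in your deployment. The Docker output embedded below is constructed sample data.

```python
"""Classify a self-hosted Retool deployment against the code executor sandbox-escape advisory."""
from __future__ import annotations

import re

# Version from which backend code execution is disabled when no code executor is deployed (from the advisory).
FIX_VERSION = "3.251.0"

# Substring expected in the code executor container's image name (assumption; verify against your deployment).
CODE_EXECUTOR_IMAGE_HINT = "code-executor"

# Constructed sample output of `docker ps --format '{{.Image}}\t{{.Names}}'` for two different hosts.
SAMPLE_DOCKER_PS_WITH_EXECUTOR = [
    "tryretool/backend:3.252.0\tretool-api-1",
    "example/code-executor:3.252.0\tretool-code-executor-1",  # constructed image name
    "postgres:15\tretool-postgres-1",
]
SAMPLE_DOCKER_PS_WITHOUT_EXECUTOR = [
    "tryretool/backend:3.250.2\tretool-api-1",
    "postgres:15\tretool-postgres-1",
]


def parse_version(version: str) -> tuple[int, int, int]:
    """Parse '3.251.0', 'v3.251.0' or '3.251.0-stable' into a comparable (major, minor, patch) tuple."""
    match = re.match(r"v?(\d+(?:\.\d+)*)", version.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = [int(p) for p in match.group(1).split(".")]
    parts += [0] * (3 - len(parts))  # pad '3.251' to (3, 251, 0)
    return tuple(parts[:3])  # type: ignore[return-value]


def has_code_executor(docker_ps_lines: list[str], image_hint: str = CODE_EXECUTOR_IMAGE_HINT) -> bool:
    """Return True if any running container's image name contains the code executor hint."""
    for line in docker_ps_lines:
        image = line.split("\t", 1)[0]
        if image_hint in image:
            return True
    return False


def assess(version: str, code_executor_running: bool) -> str:
    """Map the advisory's conditions to one of three states.

    NOT_AFFECTED       - a code executor deployment is present, so backend code never runs in the sandbox
    EXECUTION_DISABLED - >= 3.251.0 without a code executor: Workflows and Custom API Authentication are off
    VULNERABLE         - < 3.251.0 without a code executor: backend code still runs in the escapable sandbox
    """
    if code_executor_running:
        return "NOT_AFFECTED"
    if parse_version(version) >= parse_version(FIX_VERSION):
        return "EXECUTION_DISABLED"
    return "VULNERABLE"


def assess_host(version: str, docker_ps_lines: list[str]) -> str:
    """Convenience wrapper: derive the code executor presence from docker ps output, then assess."""
    return assess(version, has_code_executor(docker_ps_lines))


if __name__ == "__main__":
    for label, version, ps in (
        ("host-a", "3.252.0", SAMPLE_DOCKER_PS_WITH_EXECUTOR),
        ("host-b", "3.250.2", SAMPLE_DOCKER_PS_WITHOUT_EXECUTOR),
        ("host-c", "3.251.0", SAMPLE_DOCKER_PS_WITHOUT_EXECUTOR),
    ):
        print(f"{label}: Retool {version} -> {assess_host(version, ps)}")
```

Any host reported as VULNERABLE should be given a code executor deployment first; a host reported as EXECUTION_DISABLED is no longer exposed to the escape but has lost Workflows and Custom API Authentication until a code executor is deployed.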