“Playing with Fire: How Meta and Amazon Extinguished ShellTorch’s Blaze in Open-Source Tool TorchServe”

“Feeling the heat from ‘ShellTorch’, TorchServe Security Vulnerabilities had servers sweating bullets! Three dangerous flaws were the equivalent of a neon ‘Free Stuff’ sign on your server’s front door. Thankfully, Meta and Amazon played fireman, patching up these hotspots. The moral? Don’t play with fire; keep your software updated!”

Hot Take:

Break out the s’mores folks, because we’ve got a ShellTorch! Three security issues in the open-source tool TorchServe were found to be hot enough to potentially take over a server and execute remote code. Thanks to the quick work of the Meta and Amazon teams, the issues have been patched. But this serves (pun intended) as a fiery reminder to all you tech aficionados out there to always keep your software up to date.

Key Points:

  • The trio of security issues in TorchServe could lead to server takeover and remote code execution.
  • The vulnerabilities were collectively dubbed “ShellTorch.”
  • Meta and Amazon have already patched the flaws.
  • TorchServe version 0.8.2, released on August 28, addresses the security issues.
  • The attack chain does not require technical expertise and can be easily exploited.

Need to know more?

Knocking on the Wrong Door

The vulnerabilities included an "unauthenticated management interface API misconfiguration." Basically, the tool's default setup was like leaving your front door wide open with a sign that says "Free stuff inside. No questions asked."

Playing with Fire

The second flaw was a remote server-side request forgery bug that could lead to code execution. It was like the tool's API accepted all domains as valid URLs, like a kid at a candy store saying "I'll take one of everything, please."

Slippery Snake

The final flaw was a SnakeYAML deserialization vulnerability. This was the equivalent of using a rusty lock for your bike and then being surprised when it gets stolen.


Thankfully, Amazon and Meta were on hand like a pair of skilled firefighters to douse the flames. They patched the issues and advised users to use the latest version of TorchServe.

Lessons from the Ashes

The Oligo team offers some sage advice. Change the management console from the default settings and ensure your server only fetches models from trusted domains. They've even released a free tool to check if you're vulnerable to ShellTorch. So, let's avoid playing with fire and keep our servers safe, shall we?
Tags: Amazon AWS, Meta (Facebook), Remote code execution (RCE), Server-side request forgery (SSFR), ShellTorch vulnerabilities, SnakeYAML deserialization, TorchServe