Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable API, low complexity, requires TENANT_ADMIN (PR:H), no UI; sandbox escape crosses trust boundary into host js-executor process so S:C with full CIA impact.
Primary rating from Vendor (jpcert).
CVSS VectorVendor: jpcert
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
ThingsBoard contains a prototype pollution vulnerability which may lead to arbitrary code execution within a sandboxed context by a user who can log in to the affected product with the tenant administrator privilege (TENANT_ADMIN).
AnalysisAI
Sandbox escape via prototype pollution in ThingsBoard (versions prior to v4.3.1.2) allows a TENANT_ADMIN-authenticated user to achieve arbitrary code execution within the tb-js-executor sandboxed JavaScript context. The flaw lets a rule-chain script reach the host realm through the args.constructor.constructor chain (e.g., synthesizing a Function that returns process), defeating the intended VM isolation. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Requires an authenticated session with the TENANT_ADMIN role on a ThingsBoard instance prior to v4.3.1.2; CUSTOMER role is insufficient (the patch adds a separate test confirming `/api/ruleChain/testScript` is forbidden for customers). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:H/UI:N, VC:H/VI:H/VA:H, base 8.6) reflects a remote, low-complexity attack that nevertheless requires high privileges - specifically a logged-in TENANT_ADMIN - which materially limits the population of viable attackers to insiders or attackers who have already compromised tenant credentials. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained TENANT_ADMIN credentials (via phishing, credential reuse, or as a malicious insider on a shared ThingsBoard instance) submits a crafted rule-chain test script through POST /api/ruleChain/testScript containing `args.constructor.constructor('return process')()`, which traverses the polluted prototype chain to obtain the host Node.js `process` global. From there the script can spawn child processes, read environment variables (including database credentials), or pivot from the tb-js-executor microservice into the wider ThingsBoard cluster. … |
| Remediation | Vendor-released patch: ThingsBoard v4.3.1.2 - upgrade to this version or later, which contains the JsExecutor sandbox hardening from PR https://github.com/thingsboard/thingsboard/pull/15600 and the accompanying regression test. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all ThingsBoard deployments, document versions, and restrict TENANT_ADMIN role assignment to absolutely necessary personnel. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Prototype Pollution
View allPrototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execu
Prototype pollution in the farinspace Partners WordPress plugin (versions up to and including 0.2.0) enables remote unau
Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service
A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code vi
A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper s
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitr
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Ser
alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/inde
A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConf
A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 all
Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. Rated critical severity (CVSS 9.8), this
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37828
GHSA-prc2-x3qx-38m9