إرسال #856812: poco-ai poco-agent 0.5.4 Missing Authentication for Critical Function (CWE-306)المعلومات

عنوانpoco-ai poco-agent 0.5.4 Missing Authentication for Critical Function (CWE-306)
الوصف# Technical Details An unauthenticated task creation vulnerability exists in the `create_task` method in `executor_manager/app/api/v1/tasks.py` of poco-agent. The application exposes `POST /api/v1/tasks` without authentication and forwards the attacker-controlled `user_id` into a trusted backend internal session-creation request. The manager's `BackendClient.create_session()` attaches the internal `X-Internal-Token` alongside the attacker-supplied `X-User-Id`, effectively laundering an unauthenticated public request into a privileged backend-internal call. # Vulnerable Code File: executor_manager/app/api/v1/tasks.py Method: create_task (POST /api/v1/tasks route) Why: The public route accepts `TaskCreateRequest.user_id` directly and forwards it into `TaskService.create_task()` without any route-level authentication or internal-token guard. File: executor_manager/app/services/backend_client.py Method: create_session Why: Translates attacker-controlled `user_id` into a trusted internal header (`X-User-Id`) alongside the manager's valid `X-Internal-Token`, crossing the internal impersonation boundary. # Reproduction 1. Start the real executor_manager service with a valid INTERNAL_API_TOKEN configured. 2. Run a minimal backend observer on 127.0.0.1:19080 to capture internal calls. 3. Send an unauthenticated POST to /api/v1/tasks with a body containing `user_id: "victim-user-canary"`. 4. Observe that the backend observer records a call to `/api/v1/internal/sessions` carrying `X-Internal-Token` and `X-User-Id: victim-user-canary`. 5. Confirm that a direct unauthenticated request to the backend sink returns 403, proving the manager is the confused deputy. # Impact - Unauthenticated creation of backend sessions under attacker-chosen user identities. - Ability to enqueue task execution as another user. - Breaks the internal impersonation boundary protected by X-Internal-Token. - Enables pivoting into downstream executor-side effects involving workspaces, callbacks, runtime configuration, and container-backed task execution.
المصدر⚠️ https://github.com/poco-ai/poco-claw/issues/136
المستخدم
 Erichen (UID 98955)
ارسال12/06/2026 10:34 AM (1 شهر منذ)
الاعتدال17/07/2026 07:44 AM (1 month later)
الحالةتمت الموافقة
إدخال VulDB379757 [poco-ai poco-claw حتى 0.5.4 executor_manager API tasks.py create_task توثيق ضعيف]
النقاط20

Do you want to use VulDB in your project?

Use the official API to access entries easily!